According to the company, the problem goes back as far as 2015 when the Magecart group stole payment credentials from online stores by adding its code to third-party dependencies.
When a customer loaded a web page that used the now-fraudulent routine, the code executed in their browser, collecting the information they entered and forwarding it to the criminals behind the scheme.
Well-known companies caught by such skullduggery inclide Ticketmaster and Newegg.
Cloudflare thinks it has a solution to this and related problems such as the display of fraudulent advertisements (sometimes linked to phishing sites) and unauthorised cryptomining.
The first weapon in Page Shield's arsenal is Script Monitor.
This feature is in beta, and when compete will be made available to Cloudflare's business and enterprise customers at no extra charge.
Additional Page Shield features are underway or being planned.