So just WHAT are online shoppers supposed to do now? 🤷♀️
https://thehackernews.com/2023/04/attention-online-shoppers-dont-be.html
>An ongoing #Magecart campaign has attracted the attention of #cybersecurity researchers for leveraging realistic-looking fake payment screens to capture sensitive data entered by unsuspecting users.
>"The threat actor used original logos from the compromised store and customized a web element known as a #modal to perfectly #hijack the checkout page," Jérôme Segura, director of threat intelligence at Malwarebytes, said. "The remarkable thing here is that the #skimmer looks more authentic than the original payment page."
>These digital skimming attacks, also called #formjacking, traditionally leverage various kinds of #JavaScript trickery to siphon sensitive information from website users.
>The latest iteration, as observed by Malwarebytes on an unnamed Parisian travel accessory store running on the PrestaShop CMS, involved the injection of a skimmer called #Kritec to intercept the checkout process and display a fake payment dialog to victims.
>"Discerning whether an online store is trustworthy has become very difficult and this case is a good example of a skimmer that would not raise any suspicion," Segura said.
I mean, it seems like an average consumer would have no practicable defence. It seems like catching fish in a barrel. 😮
#MageCart #CyberSecurity #modal #hijack #skimmer #formjacking #javascript #kritec