So just WHAT are online shoppers supposed to do now? 🤷‍♀️

https://thehackernews.com/2023/04/attention-online-shoppers-dont-be.html

>An ongoing #Magecart campaign has attracted the attention of #cybersecurity researchers for leveraging realistic-looking fake payment screens to capture sensitive data entered by unsuspecting users.

>"The threat actor used original logos from the compromised store and customized a web element known as a #modal to perfectly #hijack the checkout page," Jérôme Segura, director of threat intelligence at Malwarebytes, said. "The remarkable thing here is that the #skimmer looks more authentic than the original payment page."

>These digital skimming attacks, also called #formjacking, traditionally leverage various kinds of #JavaScript trickery to siphon sensitive information from website users.

>The latest iteration, as observed by Malwarebytes on an unnamed Parisian travel accessory store running on the PrestaShop CMS, involved the injection of a skimmer called #Kritec to intercept the checkout process and display a fake payment dialog to victims.

>"Discerning whether an online store is trustworthy has become very difficult and this case is a good example of a skimmer that would not raise any suspicion," Segura said.

I mean, it seems like an average consumer would have no practicable defence. It seems like catching fish in a barrel. 😮