Hundreds of e-commerce sites booby-trapped with payment card-skimming malware – The hacked sites were running outdated Magento 1 e-commerce platform

payment card online

About 500 e-commerce websites were recently found to be compromised by hackers who installed a credit card skimmer that surreptitiously stole sensitive data when visitors attempted to make a purchase.

“The Natural Fresh skimmer shows a fake payment popup, defeating the security of a (PCI compliant) hosted payment form,” firm researchers wrote on Twitter. “Payments are sent to https://naturalfreshmall[.]com/payment/Payment.php.”

If your credit card company provides single use, or pausable, virtual cards, it is well worth the effort to make use of those. You can use a virtual card once, and then delete it. This is especially necessary on foreign, or never before used, sites. For regular payments, I’ve set up a separate virtual card with a tight monthly limit.

See https://arstechnica.com/information-technology/2022/02/hundreds-of-e-commerce-sites-booby-trapped-with-payment-card-skimming-malware/

#technology #ecommerce #malware #fraud #security