Cyber security news for all

More

    Cyber criminals are currently using icons to obtain credit card data

    The security researchers at Malwarebytes have uncovered a new web skimming attack in which users are cleverly lured onto the wrong track when they search online for graphic elements such as icons. Due to the imposed exit restrictions to protect against the spread of the coronavirus, cybercriminals have also recognized this. That’s why is credit card skimming and illegal tapping of information increased.

    Credit Card Data Is The Main Mission

    Cybercriminals registered a new website that visually resembles the domain and  a well known database for icons and other graphic elements. Instead of providing useful icons for presentations, cybercriminals only use the fraudulent website for one purpose: to tap credit card data. Instead of providing a PNG image, the malicious server returns a JavaScript code that consists of a credit card payment form. This content is loaded dynamically into the document object model  in order to overwrite the checkout option with its own dropdown menu.

    credit card

    Most Attacks Take Place On Monday

    The study also found that criminals mainly focus on starting of the week. As a result, most attacks take place on Monday and decrease over the weekend. The United States and Canada have seen the most skimming attacks. The security researchers also assume that web skimming activities will continue to increase in the coming months.

    The Security Researchers At Malwarebytes Provide The Following Security Tips

    • Only rarely enter credit card details manually. Saving the payment data is recommended.
    • Check the security seal. Unfortunately, they can be deceiving. When a website displays a corresponding logo, it does not always have to mean that this page is actually secure.
    • Examine source code. This tip is more for tech save users. They can, examine the source code of a website with the help of developer tools, which as a side effect can switch off a skimmer that notices that it is being checked.

    Recent Articles

    Hackers send malicious Azure Cloud apps to Microsoft

    Microsoft has banned some Azure Cloud applications from its cloud that the company identified as part of an attack infrastructure. Microsoft describes the approach...

    Vodafone experiences a vulnerability with fatal effects

    The injected JavaScript can access the session cookies from Vodafone website and send them to a server. An attacker can take over the session...

    Maze leaks data on its own platform

    The Maze ransomware has been up to almost a year and a half. This week, security experts warned about the actions of the cyber...

    Emotet to spread the malware behind email archives

    If you find an attached pack to an email these days, you should be particularly careful: the highly developed malware Emotet could be lurking...

    500,000 Activision accounts have been leaked

    Activision has taken a position on the alleged leak. According to the publisher, there has never been a data leak. In some cases it is...

    Related Stories

    Leave A Reply

    Please enter your comment!
    Please enter your name here

    Stay on op - Ge the daily news in your inbox