Phishing attacks online have taken the form of either site hijacking to infect a payment platform and log users’ credit card details, or site imitation where fake modules collect login and payment details.
The security researchers have discovered the new technique across a number online stores which run WordPress WooCommerce and Prestashop.
As well as checkout page phishing, Sucuri detected payment modules, such as PayPal’s, hosted on criminal servers. While this attack had only been seen on a few sites, it is expected to be present across a large number of online portals as it is extremely hard to flag.
Every day we send out a free e-mail with the most important headlines of the last 24 hours.
Subscribe now