Skimmer acts as payment service provider via rogue iframe

Credit to Author: Jérôme Segura| Date: Tue, 21 May 2019 15:38:42 +0000

Even e-commerce sites that do not take payment information themselves can be abused by crooks. In this post, we show how a web skimmer is able to inject an artificial iframe into the checkout page to prompt users for their credit card information. Victims will only realize something’s not right when they are redirected to the real (and external) payment form.

Categories:

Tags:

(Read more…)

The post Skimmer acts as payment service provider via rogue iframe appeared first on Malwarebytes Labs.

Read more