Phish victims fall for 3rd-party fake payment processing page

Cybercriminals have devised a card-skimming scheme that involves creating a phishing page that impersonates a retailer’s third-party payment service platform (PSP). Certain e-commerce websites outsource their financial transactions by redirecting customers to a secure page operated by PSP companies. But in this scam, discovered by researchers at Malwarebytes, the malicious actors swap out the genuine PSP payment processing page with a fraudulent one that asks for customers’ personal and financial data. These details will then be skimmed and exfiltrated to an attacker-controlled server.

Source: SC Magazine

The post Phish victims fall for 3rd-party fake payment processing page appeared first on IT Security Guru.

Share this post

Share on facebook
Share on linkedin
Share on print
Share on email

Subscribe to our Monthly Cyber Security Digest

Get monthly content to keep you up to date on the latest news and tips