There’s a new online shopping scam to look out for this holiday season. The credit card skimmers use a post message that looks like an authentic PayPal window. They are aiming to steal users PayPal login credentials and other info. Here’s how to avoid the scam.
New PayPal scam 2020
The Holiday season is here. Many of us are stuck at home due to COVID-19 restrictions, which means we’ll be doing our shopping online. Magecart is a group of hackers that target e-commerce websites to inject credit card skimming scripts on checkout pages to steal unsuspecting customer’s credit card data and other payment details.
The scam uses an iframe, which looks like an authentic popup from PayPal, prompting users to enter their information to login. This data is then sent back to the hacker.
A security researcher discovered the scam and immediately reported his findings on twitter. “The first skimmer to deploy such a method,” he said.
He goes on to explain how hackers are having a tough time getting through secure paywalls such as PayPal. Some hackers will try to redirect users to bad PayPal copies which are easily identifiable as fake. But the latest Magecart scam goes through a lot of trouble to be as convincing as possible.
The scam hides malicious code inside an image hosted on the server of the compromised online store using a steganography method that security researchers first discovered last year.
The scam is so sophisticated it can actually take the info already submitted to the site and pre-fill the fake PayPal popup window with the user’s name and address, making it look legitimate and getting a much higher rate of victims filling in the rest of their payment info.
Thanks to data from @sansecio I stumbled upon a digital skimming / #magecart technique for injecting convincing PayPal iframes into the checkout process. It does this using postMessage, and I think this is the first skimmer to deploy such a method.
— Eric Brandel (@AffableKraut) November 30, 2020
Online shopping skimming fraud
The recent boom in online shopping has kept scammers busy. In September, Magecart hackers ran one of its largest campaigns to date with nearly 2,000 online stores hacked.
The scam effected tens of thousands of customers who had their credit card and other information stolen. It’s important to only shop with reputable online market places and be sure you are on the real site.