Attackers spoof these pages by hiding malicious code to steal customers’ credit card information.
This method is one of three options identified by researchers at Akamai Security Intelligence Group. The other two methods involve simulating a Meta Pixel code snippet by hiding the code in the “onerror” attribute of the image’s HTML tag and in the image’s binary code.
The skimmer or data-stealing program either masquerades as a Meta Pixel code snippet or hides in random embedded scripts on the infected checkout page.
After entering data into a fake form, the victim receives a fake “session timeout” error message. At the same time, all information is encoded in base64 format and sent to the attacker.
Source: Ferra
I am a professional journalist and content creator with extensive experience writing for news websites. I currently work as an author at Gadget Onus, where I specialize in covering hot news topics. My written pieces have been published on some of the biggest media outlets around the world, including The Guardian and BBC News.
