• Latest

Fake Google Domains Target Magento Users

July 26, 2019
The ai Corporation extends collaboration with Shell to utilise cutting-edge Autopilot Machine Learning to protect Shell Card users from fraud

The ai Corporation extends collaboration with Shell to utilise cutting-edge Autopilot Machine Learning to protect Shell Card users from fraud

September 19, 2023
Sift Named a Leader in Fraud Detection, E-commerce Fraud Detection, and Risk-Based Authentication on G2

Sift Named a Leader in Fraud Detection, E-commerce Fraud Detection, and Risk-Based Authentication on G2

September 15, 2023
VISA Amends Its Dispute Management Guidelines for Merchants

Visa Research Highlights Emerging Fraud Schemes in Retail and eCommerce

September 15, 2023
World ID and the Hidden Dangers of Self-Sovereign Identities

World ID and the Hidden Dangers of Self-Sovereign Identities

September 15, 2023
Adversarial AI fraud attacks: The ticking time bomb of fraud prevention

Adversarial AI fraud attacks: The ticking time bomb of fraud prevention

August 17, 2023
5 Rampant Fraud Tactics for Merchants and Consumers to Stay Vigilant Against

5 Rampant Fraud Tactics for Merchants and Consumers to Stay Vigilant Against

August 15, 2023
Chargeflow Secures $14m in Funding led by OpenView to Fuel its AI-Driven Chargeback Automation Solution Market Expansion

Chargeflow Secures $14m in Funding led by OpenView to Fuel its AI-Driven Chargeback Automation Solution Market Expansion

September 20, 2023
SEON Raises $94 Million Series B to Address Exponential Growth of Online Fraud

Effectiv announces additional $4.5 million in seed funding

July 30, 2023
nSure.ai Awarded Second Patent Empowering Merchants to Strike Back at Fraudsters

nSure.ai Awarded Second Patent Empowering Merchants to Strike Back at Fraudsters

July 26, 2023
Dark Web Price Index 2023: Unraveling the Evolving Landscape of Underground Trade

Dark Web Price Index 2023: Unraveling the Evolving Landscape of Underground Trade

July 24, 2023
Justt survey show more people are engaging in chargebacks in 2023

Justt survey show more people are engaging in chargebacks in 2023

July 20, 2023
Ravelin releases Global Fraud Trends Fraud & Payments Survey 2023

Ravelin releases Global Fraud Trends Fraud & Payments Survey 2023

July 17, 2023
  • Contribute
  • Contact Us
  • About
  • Join Us
  • Advertise
Friday, September 22, 2023
Merchant Fraud Journal
  • Home
  • Articles
    • Chargebacks
    • Fraud Prevention
    • Influencer Insights
  • Resources
    • Recorded Webinars
    • Podcasts
    • Vendor Directory
    • eCommerce Fraud Reports
    • Training and Certifications
    • Jobs Board
    • Associations and Non-Profits
  • News
No Result
View All Result
  • Home
  • Articles
    • Chargebacks
    • Fraud Prevention
    • Influencer Insights
  • Resources
    • Recorded Webinars
    • Podcasts
    • Vendor Directory
    • eCommerce Fraud Reports
    • Training and Certifications
    • Jobs Board
    • Associations and Non-Profits
  • News
No Result
View All Result
Merchant Fraud Journal
No Result
View All Result

Fake Google Domains Target Magento Users

by Bradley
July 26, 2019
in News

TheDigitalArtist / Pixabay

Fraudsters are using fake Google domains to target Magento customers, the Sucuri Blog reports. In a post to their website, they describe Magento users contacting them about McAfee Site Advisor sending them warnings. Unfortunately, it appears a credit card skimmer using JavaScript loaded from the malicious ‘google-analytîcs[.]com‘ web address is responsible.

The domain is a well known ruse by hackers who prey on its use of the well known Google Analytics domain and brand name to trick unsuspecting users. This tactic is well known, but effective.

“The input data capture is similar to other Magento credit card stealers we have posted about before,” the post said. “It uses the loaded JavaScript to capture any input data using the document.getElementsByTagName and input or stored element names for capturing drop down menu data.”

A Comprehensive Attack

Interestingly, the attack code will change its behavior based on if a user has DevTools open, and what kind.

For both Chrome and Firefox, the presence of open tools stops the attack. This is a highly sophisticated tactic that helps the attack go undetected by and remain under the radar. Moreover, the attack can use all of the most popular payment gateways. This includes solutions with integrated eCommerce fraud prevention tools like PayPal This allows it to cast a wide net and gives each successful infection the best chance of success.

In addition to the skimming, the malware executes a second attack. This attack sends users to a second fake domain ‘google[.]ssl[.]lnfo[.]cc:‘. This code collects information from Magento’s user admin configuration, which hackers can use to conduct subsequent attacks.


Source: https://blog.sucuri.net/2019/07/fake-google-domains-used-in-evasive-magento-skimmer.html

Tags: Credit Card SkimmingMagento
TweetShareSend
Previous Post

Malwarebytes Labs Cybercrime Tactics and Techniques Q1 2019 Report Released

Next Post

How Online Web Skimming Attacks Work

Next Post

How Online Web Skimming Attacks Work

Our Latest Reports

2023 Consumer Payments Survey Report

2023 Fraud Trends Report

2022 Chargeback Consumer Survey Report

Fraud Prevention Tactics that Enable Exceptional Customer Experience

Addressing Payment Fraud and The Customer Experience in 2022

2022 Fraud Trends Report

ATO Fraud In Retail Report

2022 Customer Experience Report

3 Ways a Unified Chargeback Management and Fraud Platform Increases Revenue

Digital Trust And Safety Report: Combating the Evolving Complexities of Payment Fraud

On-Demand Webinars

New Trends in The Payments Ecosystem

Balancing Customer Experience and Fraud Prevention: What’s the Secret?

Stopping Fraud Across the Customer Lifecycle

Addressing Payment Fraud and the Customer Experience in 2022

 

Get the 2023 Fraud Trends Report

Search Our Site

No Result
View All Result

Our Sponsors

Featured Directory Listings

  • Signifyd
  • Microsoft Dynamics 365 Fraud Protection
  • PayRetailers
  • Spotrisk
  • CB-ALERT
  • Corepay

Our Sponsors

Fraud Industry News

The ai Corporation extends collaboration with Shell to utilise cutting-edge Autopilot Machine Learning to protect Shell Card users from fraud

The ai Corporation extends collaboration with Shell to utilise cutting-edge Autopilot Machine Learning to protect Shell Card users from fraud

September 19, 2023
Sift Named a Leader in Fraud Detection, E-commerce Fraud Detection, and Risk-Based Authentication on G2

Sift Named a Leader in Fraud Detection, E-commerce Fraud Detection, and Risk-Based Authentication on G2

September 15, 2023
VISA Amends Its Dispute Management Guidelines for Merchants

Visa Research Highlights Emerging Fraud Schemes in Retail and eCommerce

September 15, 2023

Connect With Us

Quick Navigation

  • Home
  • News
  • Join Us
  • About Us
  • Contact Us
  • Advertise
  • Contribute
  • Privacy Policy

The Payments Media Network

Merchant Fraud Journal
Payments Review

Privacy Policy

Our Privacy Policy
Our Terms of Use

Resources

  • Articles
  • eCommerce Fraud Reports
  • eCommerce Fraud Webinars
  • Training and Certifications
  • Jobs Board
  • Associations and Non-Profits
  • Podcasts
  • Vendor Directory

Popular Posts

  • How to File a Claim With FedEx + What To Do If Claim is Denied

    How to File a Claim With FedEx + What To Do If Claim is Denied

    0 shares
    Share 0 Tweet 0
  • How Does Two-Factor Authentication (2FA) Work?

    0 shares
    Share 0 Tweet 0
  • How to Fight PayPal Chargeback Fraud

    0 shares
    Share 0 Tweet 0
  • The 7 KPIs of Fraud Prevention Success

    0 shares
    Share 0 Tweet 0

Featured Vendors

  • Signifyd
  • Microsoft Dynamics 365 Fraud Protection
  • PayRetailers
  • Spotrisk
  • CB-ALERT
  • Corepay

Download the 2023 Fraud Trends Report

No Result
View All Result
  • About Merchant Fraud Journal
    • Interested in Contributing or Guest Posting to Merchant Fraud Journal?
  • Advertise on Merchant Fraud Journal
  • Articles
    • Chargebacks
    • Fraud Prevention
    • Influencer Insights
  • Contact Us
  • Download Addressing Payment Fraud and Customer Experience Report
  • Download Chargebacks Consumer Survey Report 2022
  • Download Evolving Complexities of Payment Fraud Report
  • Download Fraud Prevention Tactics that Enable Exceptional Customer Experiences Report
  • Download Merchant Fraud Journal 2023 Fraud Trends Report
  • Download the 2020 Chargeback and Representment Report
  • Download the 2020 Merchant Fraud Journal Vendor Guide
  • Download the 2021 Fraud Trends Report
  • Download the 2022 Fraud Trends Report
  • Download the 2023 Consumer Payment Trends Report
  • Download the 3 Ways a Unified Chargeback Management and Fraud Platform Increases Revenue Report
  • Download the MFJ 2022 Customer Experience Report
  • Download the MFJ ATO in Retail Report
  • Home
  • Job Dashboard
  • Join The Merchant Fraud Journal Community
  • Merchant Fraud Journal Advertising Agreement
  • MFJ Fraud Trends Report Giveaway
  • News
  • Post a Job
  • Privacy Policy
  • Resources
    • 2020 Chargeback Representment Guide for Merchants
    • 2020 Vendor Guide
    • 2023 Consumer Payments Survey Report
    • 3 Ways a Unified Chargeback Management and Fraud Platform Increases Revenue
    • Addressing Payment Fraud and the Customer Experience in 2022
    • Associations and Non-Profits
    • ATO Fraud In Retail Report
    • Balancing Customer Experience and Fraud Prevention: What’s the Secret?
    • Chargebacks Consumer Survey Report 2022
    • Digital Trust & Safety: Combating the Evolving Complexities of Payment Fraud
    • eCommerce Fraud Reports
    • eCommerce Fraud Webinars
    • Fraud Prevention Tactics that Enable Exceptional Customer Experiences
    • Fraud Prevention Training and Certifications
    • How to Build a Recession Proof Chargeback Prevention Strategy
    • How to Stop Fraud During the 2022 Holiday Season
    • Jobs Board
    • Merchant Fraud Journal 2023 Fraud Trends Report
    • Merchant Fraud Journal’s Fraud Trends 2020 Report
    • Merchant Fraud Journal’s Fraud Trends 2021 Report
    • Merchant Fraud Journal’s Fraud Trends 2022 Report
    • MFJ’s 2022 Customer Experience Report
    • New Trends in the Payments Ecosystem
    • Podcasts
    • Prevent High-Velocity Fraud Attacks During the 2021 Holiday Season
    • Stopping Fraud Across the Customer Lifecycle
    • Vendor Directory
    • Webinar – Addressing Payment Fraud and the Customer Experience in 2022
    • Webinar – Mitigating Fraud and Risk on the ACH Network
    • Win January Chargeback Disputes
  • Subscribed
  • Terms and Conditions

© 2021 Payments Media Solutions Canada Inc.

Are you sure want to unlock this post?
Unlock left : 0
Are you sure want to cancel subscription?