About 500 e-commerce websites were recently found to be compromised by hackers who installed a credit card skimmer that surreptitiously stole sensitive data when visitors attempted to make a purchase.
“The Natural Fresh skimmer shows a fake payment popup, defeating the security of a (PCI compliant) hosted payment form,” firm researchers wrote on Twitter. “Payments are sent to
https://naturalfreshmall[.]com/payment/Payment.php.”
If your credit card company provides single use, or pausable, virtual cards, it is well worth the effort to make use of those. You can use a virtual card once, and then delete it. This is especially necessary on foreign, or never before used, sites. For regular payments, I've set up a separate virtual card with a tight monthly limit.
See
Hundreds of e-commerce sites booby-trapped with payment card-skimming malware#
technology #
ecommerce #
malware #
fraud #
security Magecart hackers strike again.