Kaspersky researchers have uncovered a new technique for stealing users’ payment information on online shopping websites, dubbed web skimming.
By registering for Google Analytics accounts and injecting these accounts’ tracking code into the websites’ source code, attackers can collect users’ credit card details. Web skimming is a popular practice used by attackers to steal users’ credit card details from the payment pages of online stores, whereby attackers inject pieces of code into the source code of the website.
This malicious code then collects the data inputted by visitors to the site (i.e. payment account logins or credit card numbers) and sends the harvested data to the address specified by attackers in the malicious code.
Kaspersky researchers found a new fraudulent technique that steals online payment detailsRead More
