Malwarebytes experts have uncovered a new campaign by cybercriminals that aims to steal confidential data from unsuspecting users. The mageCart campaign involves attackers using fake pages to trick users into unwittingly sharing their personal information.
According to a recent report by Malwarebytes, attackers are using real logos of compromised online stores and setting up a modal window to completely hack the order page. This means that users thinking they are placing an order on a legitimate website are instead giving their valuable data to cybercriminals.
What’s more, the criminals are also using video cameras installed on ATMs to capture the input of the keyboard in the form of a visor of an ATM or extraneous linings, such as advertising materials, and then combining this with a skimmer to receive a PINcode. This allows them to withdraw cash from ATMs using fake cards that have data tracks and PINs that are original.
In addition, the skimmers can accumulate stolen information about plastic cards, or remotely transfer it to attackers who are nearby, putting users at further risk of financial loss.
This campaign highlights the need for increased vigilance and caution by users when shopping online. It’s important to ensure that the website you are using is legitimate and to be on the lookout for any signs that suggest it may not be. You should also be mindful of any unusual or suspicious activity on your bank accounts, and report any concerns to your bank immediately. By taking these steps, you can help protect yourself from falling victim to cybercriminals.