A Fake Payment Page That Reused CSP Trust and Exfiltrated via WebRTC
A Fake Payment Page That Reused CSP Trust and Exfiltrated via WebRTC A fake payment page is dangerous enough when it tricks shoppers into entering
As a leader in the Retail sector, you’ve likely experienced an ecommerce surge over the past two years that was once predicted to take a decade. Along with this surge comes the demand for new tools and partners to enhance the user experience, collect visitor analytics, process credit cards, and more. You need to be in the driver’s seat and be able to constantly evolve your web properties – but you know from Security and Compliance that they have major concerns every time you seek to add new script from 3rd party partners.
Your partner ecosystem does put you at risk of both data leakage and data theft. Security incidents and data privacy non-compliance incidents could put your organization at risk of losing millions. As a party responsible for driving e-commerce revenue, it is critical that you understand this risk.
Below you can find a number of resources that will help you better understand the critical need to protect your digital checkout lanes – the need to protect data at the point of input.
Should you have any questions – open a chat or drop a request for a meeting.
A Fake Payment Page That Reused CSP Trust and Exfiltrated via WebRTC A fake payment page is dangerous enough when it tricks shoppers into entering
NEW MAGECART ATTACK USES WEBRTC TO BYPASS CSP, THEN TRIPS ON MANGENTO 2 A newly observed Magecart-style skimmer shows how attackers can bypass Content Security
FROM FIREBASE TO GTM: HOW MAGECART MOVED DEEPER INTO GOOGLE INFRASTRUCTURE A persistent Magecart actor has steadily moved its client-side attack chain deeper into trusted
MAJOR US AUTO BRAND SITES HIT BY MAGECART If you recently visited the online storefront of a major US car manufacturer, your credit card data
The recent rapid growth in ecommerce is causing an uptrend in sales for brands, marketplaces, and other online retail venues. However, it’s also fueling an entirely different trend — the growth in client-side cyberattacks driven through retail web applications.
Client-side attacks represent some of the biggest security and compliance threats today for retailers. The unfortunate result of these attacks is massive data theft, including customer personally identifiable information (PII) and financial data such as credit card information.
65% of ecommerce shoppers say that “experiencing even a single data security breach would prompt them to leave a merchant for good.”
To avoid becoming the subject of a devastating headline and losing a vast majority of your customers, client-side attacks on retail web applications should be high on the list of security and compliance threats your organization needs to address immediately.
Download the white paper to dive into: