Zscaler has uncovered online scams on Magento’s eCommerce platform that collect credit card information from unsuspecting consumers. There are also tech support pop-up scams that employ scare tactics to encourage the user to call paid support services to remove fake viruses.
Also, new “tech support pop-up scams” are targeting websites that run on the DotNetNuke (DNN) content management system. The fake tech support pages use scare tactics and pop-up ads that tell the user that their computer is infected and instruct the user to call paid support service to remove the infection.
Another variant of the tech support pop-up drops an audio file called “help-msg.mp3.” The file instructs the user to call the tech support toll-free number in order to remove a backdoor Trojan from the user’s computer.
Magento eCommerce is used by many websites to integrate payments into their portals. Credit card hijack attacks are not new and remain a threat for data leakage. Many users are not able to identify fake forms in the payment pages of a genuine website. The user believes that the fake payment page is genuine and inputs their credit card information.
Content management systems and platforms are targeted by cybercriminals, but it is not clear how the platforms become infected. It could be through false server administration credentials or by exploiting a weakness in the platform.
Zscaler is actively monitoring the threats related to the tech support scams and Magento credit card hijack campaign, but it advises administrators to keep their websites patched with the latest security updates.