Over 800 Phony “Temu” Domains Lure Shoppers into Credential Theft

By Deeba Ahmed Blank Image, Fake Link: Unraveling the Temu Phishing Scam Targeting Senior Shoppers! This is a post from HackRead.com Read the original post: Over 800 Phony "Temu" Domains Lure Shoppers into Credential Theft...

Baby clothing giant Carter’s exposed trove of shoppers data

By Waqas Carter’s failure to implement proper authentication protocols on the store’s parcel tracking pages exposed data and shoppers to scams. This is a post from HackRead.com Read the original post: Baby clothing giant Carter’s exposed trove of shoppers data...

Popular Shopify app exposes private data of thousands of shoppers

By Deeba Ahmed Another day, another breach leaking personal details of unsuspected users - This time, it is Shopify dropshipping app Topdser. This is a post from HackRead.com Read the original post: Popular Shopify app exposes private data of thousands of shoppers...

Cyber Monday - The Biggest Shopping Day of the Year?

Do you remember when Cyber Monday wasn't a thing? In late November 2005, The New York Times reported: "The name Cyber Monday grew out of the observation that millions of otherwise productive working Americans, fresh off a Thanksgiving weekend of window shopping, were returning to high-speed...

New Grelos Skimmer Variants Siphon Credit Card Data

Just as seasonal online shopping kicks into high gear, new variants of the point-of-sale Grelos skimmer malware have been identified. Variants are targeting the payment-card data of online retail shoppers on dozens of compromised websites, researchers warn. The Grelos skimmer malware has been...

Home Depot Confirms Data Breach in Order Confirmation SNAFU

Home Depot has exposed the private order confirmations of hundreds of Canadian consumers, containing names, physical addresses, email addresses, order details and partial credit-card information. After customers began reporting that they had received hundreds of emails from the home-improvement...

Mobile network operator falls into the hands of Fullz House criminal group

Update 2020-10-05: The malicious code has been removed from Boom! Mobiles website Most victims of Magecart-based attacks tend to be typical online shops selling various goods. However, every now and again we come across different types of businesses which were affected simply because they happene...

Magecart Attack Impacts More Than 10K Online Shoppers

One of the largest known Magecart campaigns to date took place over the weekend, with nearly 2,000 e-commerce sites hacked in an automated campaign that may be linked to a zero-day exploit. The attacks have impacted tens of thousands of customers, who had their credit-card and other information...

Magecart’s Success Paves Way For Cybercriminal Credit Card 'Sniffer' Market

The Magecart threat group has dominated headlines for its use of malicious JavaScript code, which is injected into e-commerce websites to exfiltrate customer payment card data. But new research points to a growing industry on underground forums where so-called “sniffers” are being advertised, sol...

Credit card skimmer masquerades as favicon

Malware authors are notorious for their deceptive attempts at staying one step ahead of defenders. As their schemes get exposed, they always need to go back to their bag of tricks to pull out a new one. When it comes to online credit card skimmers, we have already seen a number of evasion...

Amazon Takes a Swipe at PayPal's $4 Billion Acquisition

The retail giant warned holiday shoppers that Honey, a popular browser extension, was a “security risk.” Honey denies the claim...

How to Protect Holiday Shoppers from Bots and Scammers

It’s the most wonderful time of year for gift card scammers. With Black Friday, Cyber Monday and the holidays just around the corner, consumers will spend billions on gift cards for hard-to-shop-for friends, family, and colleagues. Imperva VP Tiffany Olson Kleemann was interviewed on Good Morning...

GitHub hosted Magecart skimmer used against hundreds of e-commerce sites

Every day, new e-commerce websites fall into the hands of one of the many Magecart skimmers. Unbeknownst to shoppers, criminals are harvesting their personal information, including payment details in the online equivalent of ATM card skimming. Most often the skimming code—written in JavaScript an...

Picture perfect: How to drive the best shopping experiences with the right images

This article originally appeared on Internet Retailer. There are several key variables that retail marketing and web teams should consider when delivering high-quality images for engaging online shoppers. The quality, format and size of an image must all be considered to ensure that vivid images...

Tech support scam uses fake Shoppers Stop site to lure thousands

Update 2018-05-17: Shoppers Stop is a legitimate company based out of India and their brand was abused by scammers. These days, there are a lot of browser locker campaigns fueled by malvertising or redirection from hacked sites. But the Shoppers Stop tech scam campaign is actually a bit of both,...

online.mystery-shoppers.co.uk XSS vulnerability

Open Bug Bounty ID: OBB-456811 Description| Value ---|--- Affected Website:| online.mystery-shoppers.co.uk Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1 CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N Remediation Guide:| OWASP XSS...

GameStop Online Shoppers Officially Warned of Breach

GameStop customers received breach notification warnings this week, cautioning them that their personal and financial information could have been compromised nine months ago. According to postal letters sent to customers, GameStop said an undisclosed number of online customers had their credit ca...

mysteryshoppersamerica.com XSS vulnerability

Open Bug Bounty ID: OBB-187130 Description| Value ---|--- Affected Website:| mysteryshoppersamerica.com Open Bug Bounty Program:| Create your bounty program now. It's open and free. Vulnerable Application:| Custom Code Vulnerability Type:| XSS Cross Site Scripting / CWE-79 CVSSv3 Score:| 6.1...

www1.shoppersdrugmart.ca XSS vulnerability

Vulnerable URL: https://www1.shoppersdrugmart.ca/home Details: Description| Value ---|--- Patched:| Yes, at 01.10.2015 Latest check for patch:| 01.10.2015 12:17 GMT Vulnerability type:| XSS Vulnerability status:| Publicly disclosed Alexa Rank| 16551 Google Pagerank| 6 VIP website status:| Yes Che...

Why Protecting Your Magento Ecommerce Website Is So Damn Important

The Market of E-commerce websites is at its peak, as today people love to shop online to save their time. However, E-commerce and financial sites stand first in the rundown of potential victims as they manage financial exchanges. The traditional way to target victims of e-commerce sites is to use...