Casio UK’s Checkout Chaos: When Web Skimmers Get Creative!
A threat actor infected Casio UK’s website with a web skimmer that cleverly avoided the checkout page, tricking users into entering sensitive information elsewhere. Jscrambler reports the skimmer altered payment flow, collecting data without raising suspicion—unless you count that growing sense of dread when you’re asked to re-enter your credit card details.
Hot Take:
Looks like Casio UK’s website just got a crash course in “How to Lose Customer Trust in 10 Days.” Who knew that a trip to buy a calculator could leave you calculating the odds of identity theft? It seems like hackers are getting creative with their phishing schemes, turning a checkout process into a checkout circus. Talk about a shopping experience that’s a real page-turner—except for the checkout page, of course!
Key Points:
- Casio UK’s website was infected with a web skimmer affecting all pages except the checkout page.
- Attackers altered the payment flow to harvest users’ personal and financial information.
- The skimmer infection lasted from January 14 to January 24 before being removed.
- The attack mimicked a legitimate checkout process but redirected users to a fake form.
- The skimmer code came from a Russian hosting provider and shared similarities across 17 infections.