As technology advances, cybercrimes become more and more diverse. Now, online crimes are targeting websites e-commerce that use WordPress. Through this new tactic, criminals gain access to card data during the payment process carried out by the consumer.
Criminals use different strategies to bypass website security
In recent times, there has been an increase in the WooCommerce extension and the insertion of malware that has allowed third parties to bypass security regulations and gain access to user data.
Previously, it was common to insert codes into websites, shopping areas and shopping carts. However, to ensure greater discretion, criminals have installed viruses in the gateway of the payment module. Thus, when the buyer confirms all the data and completes the purchase, the criminals have access to various information, such as telephone number, address and documents.
This new scam was titled “MageCart”. The online crimes attack e-commerce sites that use WordPress precisely on the compromised page and in communication with the world-renowned platform, “Authorize.net”, to verify the card.
Another point that prevents the security service from identifying this process is the way it is sent. All information is compressed into an encrypted image, using automatic passwords, and is mixed with legitimate traffic. This procedure makes it difficult to monitor systems in network traffic and locate them.
The security campaign for websites is based on the high number of scams and attacks that all WordPress users have suffered. Criminals have sought other ways after the adoption of code verification on pages. Now, they are dedicated to acquiring information at specific times.
In short, one of the possible ways to increase protection is to apply two-step authentication, check suspicious traffic and create strong passwords by users. This reduces the likelihood of product sales pages and merchandising suffer more attacks.