CLEOR : la bijouterie en ligne victime d’un skimmer numérique

Read this article in English La bijouterie en ligne française CLEOR, active dans 136 bijouteries, a été infectée d’un skimmer JavaScript. Le code malveillant injecté est conçu pour envoyer les données bancaires aux criminels sur le formulaire de paiement en ligne légitime de Cleor. Skimmers sur les boutiques en ligne Cette attaque compte de nombreuses caractéristiques liées aux attaques de skimmer de Magecart. Semblable aux skimmers de cartes physiques, les…

May 22, 2019
Read More >>

Fake news is bigger than PayPal

Presently, the most impersonated UK institution is not a bank nor a Government department, but the Daily Mirror, which is used to promote cryptocurrency scams. The scale of these cryptocurrency scams is substantial, such that there are currently more fake Daily Mirror front pages than PayPal phishing login forms. An example is an article on how Richard Branson would bring “Financial Freedom for ALL UK Residents”. Fraudsters impersonate news websites…

May 22, 2019
Read More >>

French jewellery chain Cleor falls victim to skimming attack

Netcraft recently discovered that French jewellery retailer Cleor—which operates 136 boutiques across France—was infected with a malicious JavaScript skimmer. The injected code sent the fraudster a copy of the credit card details entered by unsuspecting Cleor customers during the legitimate checkout process. Shopping Site Skimmers This attack has many of the hallmarks of JavaScript skimming attacks associated with Magecart. Similar to physical card skimmers, credit card credentials are invisibly stolen…

May 14, 2019
Read More >>

May 2019 Web Server Survey

In the May 2019 survey we received responses from 1,326,664,693 sites across 235,011,143 unique domain names and 8,726,985 web-facing computers. Although this reflects a gain of 1.12 million domains and 113,000 computers, there has been a loss of 119 million sites. This month’s relatively large drop in sites (-8.2%) includes a 10.3 million reduction in the number of websites that are served by nginx, just a month after it became…

May 10, 2019
Read More >>

Most Reliable Hosting Company Sites in April 2019

The most reliable hosting company site in April 2019 belonged to Choopa.com – it responded to all of Netcraft’s requests and had the fastest average connection time of 4.597ms. Choopa.com provides cloud hosting, dedicated servers, colocation and managed services from its primary data centre in Piscataway, New Jersey, and also has facilities in Los Angeles, Amsterdam and Tokyo. ViaWest.com, in second place, also responded to each of Netcraft’s requests and…

May 2, 2019
Read More >>

Well known UK bank vulnerable to impersonation for five years

Netcraft has found that Halifax has been left vulnerable to convincing impersonation attacks for five years. The operator of a website promoting Spanish hotels is able to send and receive emails on the official Halifax online banking domain, and get legitimate security certificates issued for the same domain. Halifax Online Halifax operates its online banking service on a separate domain (halifax-online.co.uk) to its main website (halifax.co.uk). The entry point to…

April 15, 2019
Read More >>

Most Reliable Hosting Company Sites in March 2019

Rackspace had the most reliable hosting company site in March 2019. This is the second month in a row, and the third time in the last 12 months, that Rackspace has topped the ranking. Rackspace offers a range of managed dedicated and cloud hosting solutions. The top five hosting company sites each responded to all of Netcraft’s requests in March; to break the tie they are ranked by average connection…

April 2, 2019
Read More >>

March 2019 Web Server Survey

In the March 2019 survey we received responses from 1,462,021,378 sites, 232,162,099 unique domains, and 8,526,624 web-facing computers. This reflects a loss of 15.8 million sites, but a gain of 2.57 million domains and 160k web-facing computers. The March survey brings major upheaval in the domains metric. A large 8 million domain switch from Microsoft to nginx at GoDaddy has allowed nginx to overtake Microsoft to gain second place. Many…

March 28, 2019
Read More >>

Fake EV certificates used in Steam trade phishing attacks

An extremely convincing phishing attack that impersonates a multi-game skin trade bot appears to be using a fake Extended Validation TLS certificate to steal Steam accounts. The phishing site displaying a fake Extended Validation certificate indicator. The ongoing phishing attack impersonates TradeIt.gg, which facilitates the trading of skins, weapons and other in-game commodities within popular games like CS:GO, TF2 and DOTA. When a victim attempts to sign in through Steam…

March 12, 2019
Read More >>

Most Reliable Hosting Company Sites in February 2019

Rackspace had the most reliable hosting company site in February 2019, and has now appeared in the top 10 eight times in the past 12 months. Rackspace offers a range of managed dedicated and cloud hosting solutions. The top three hosting company sites responded to each of Netcraft’s requests in February. Bigstep appears in second place, making February the third consecutive month it has appeared in the top three. Bigstep…

March 6, 2019
Read More >>