This alert may not be shared outside your organization, Do Not Repost or send, place on other websites, List servers, or send to others via email, including other associations or parties. Members and Law enforcement use only. Contact us for any permissions. To do otherwise will result in the loss of membership.
Complete Story
03/30/2020
Tupperware Website Compromised with Credit Card Skimmer
The State of Security
Digital attackers compromised the website of kitchen and household products manufacturer Tupperware with a credit card skimmer.
On March 20, researchers at Malwarebytes observed that attackers had compromised tupperware[.]com by hiding malicious code within an image file. This code activated when a user attempted to check out and complete their purchase on Tupperware’s online store. At that time, it displayed a fraudulent form as an iframe for the purpose of collecting a user’s credit card credentials.
A closer look at this incident revealed that the iframe had loaded from deskofhelp[.]com. Registered on March 9 by someone using the email address elbadtoy@yandex[.]ru, this domain was located on a server at 5.2.78[.]19 along with other phishing domains at the time of discovery.
Alerts
The FRPA alert system distinguishes us from other groups by gathering and providing information to law enforcement, retailers AND financial institutions.
more information
Resources
Your electronic library to help in fighting financial fraud for all of our partners.
more information