Recently a client was reporting a bogus checkout page appearing on their website. When trying to access their “my-account” page an unfamiliar prompt appeared in their browser soliciting credit card billing information:
This form was foreign to our client and was clearly placed during a website compromise. Interestingly, the website itself doesn’t even accept payments at all. If this was an attempt at a targeted credit card theft infection (as quite a few of them are) then the attackers best choose more carefully next time!