LiveChat Phishing Scam Impersonates Amazon and PayPal, Targeting Credit Card and MFA Data
What Happened — Attackers hijack LiveChat widgets on compromised or spoofed websites, posing as Amazon or PayPal support agents in real time. Victims are tricked into providing credit‑card numbers and multi‑factor authentication (MFA) codes, which are then harvested for fraudulent transactions.
Why It Matters for TPRM —
- Third‑party live‑chat services become a direct conduit for credential theft.
- Compromise of payment data can cascade to downstream vendors and partners.
- The scam exploits trust in well‑known brands, increasing the likelihood of successful social engineering.
Who Is Affected — Retail/e‑commerce sites that embed LiveChat, payment processors, and any organization that relies on LiveChat for customer support.
Recommended Actions — Review all LiveChat implementations for secure configuration, enforce strict verification procedures for support agents, and ensure MFA is protected against social engineering. Conduct phishing awareness training focused on live‑chat interactions.
Technical Notes — Attack vector: real‑time phishing via compromised LiveChat widgets. No specific CVE cited. Data exfiltrated includes credit‑card numbers and MFA one‑time passwords. Source: HackRead
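One way to monitor for the data types named above is to scan chat transcripts for agent turns that ask for card or MFA secrets and for visitor replies that contain them. The sketch below is an added example, not code from the source article or from LiveChat; the (role, text) transcript shape, the phrase list and the sample conversation are assumptions constructed for illustration.

```python
import re

# 13-19 digits, optionally separated by single spaces or hyphens.
CARD_RE = re.compile(r"(?<!\d)\d(?:[ -]?\d){12,18}(?!\d)")
# A standalone run of 6-8 digits, the usual length of a one-time password.
OTP_RE = re.compile(r"(?<!\d)\d{6,8}(?!\d)")
# Assumed phrase list for an agent asking for payment or MFA secrets.
ASK_RE = re.compile(
    r"\b(verification code|one[- ]time (?:code|password)|otp|card number|cvv)\b",
    re.I)

def luhn_ok(digits):
    """Luhn checksum, used to separate card numbers from other long IDs."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def scan_transcript(messages):
    """messages: list of (role, text). Returns a list of (index, finding)."""
    findings, pending = [], False
    for i, (role, text) in enumerate(messages):
        if role == "agent":
            # Flag any agent turn that asks for card or MFA secrets.
            if ASK_RE.search(text):
                pending = True
                findings.append((i, "agent_requests_secret"))
            continue
        for m in CARD_RE.finditer(text):
            if luhn_ok(re.sub(r"\D", "", m.group())):
                findings.append((i, "visitor_sent_card_number"))
        # Only treat short digit runs as OTPs in the reply right after a request.
        if pending and OTP_RE.search(text):
            findings.append((i, "visitor_sent_otp_after_request"))
        pending = False
    return findings

# Constructed transcript; 4111 1111 1111 1111 is a standard test card number.
SAMPLE = [
    ("agent", "Amazon support here. Please confirm your card number."),
    ("visitor", "ok it is 4111 1111 1111 1111"),
    ("agent", "Thanks. Now read me the verification code we just texted you."),
    ("visitor", "482913"),
    ("visitor", "my order id is 20240117"),
]
```

The Luhn check keeps long order or tracking numbers from being reported as cards, and the request-then-reply pairing keeps ordinary 6 to 8 digit references from being reported as one-time passwords.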