Phishing Campaign Exploits Webflow CDN for Credit Card Theft
/ 1 min read
🎭 Widespread phishing campaign exploits Webflow CDN to steal credit card information. A new phishing scheme has emerged, utilizing fake PDF documents hosted on the Webflow content delivery network to deceive users into providing sensitive financial information. Victims searching for documents on search engines are directed to these malicious PDFs, which contain a CAPTCHA image linked to a phishing site. After completing a legitimate-looking CAPTCHA, users are misled into entering their credit card details, only to receive error messages that prompt them to try again. This ongoing attack, noted by Netskope Threat Labs, highlights the evolving tactics of cybercriminals, including the use of a new phishing kit named Astaroth, which allows for real-time interception of credentials and two-factor authentication codes.
