Magecart is a threat actor that is known for using modal forms to steal customer data. Recently, they have rolled out a new technique that is even more convincing than before.

The technique involves using modal forms that are designed to look and feel like they belong on the website. These forms will often have the same look and feel as a normal form on the website and even use the same input fields. However, the form is actually a malicious form that is designed to capture customer data.

Once the customer enters their information, the data is sent directly to the Magecart attackers, who can then use it for their own purposes. This technique is particularly dangerous because it can be hard to detect, as the form looks and feels like it belongs on the website.

The best way to protect against this type of attack is to make sure that any forms on your website are secure and that they are not being used by malicious actors. Additionally, it is important to ensure that any forms that are being used by third parties are also secure. Finally, it is important to keep an eye out for any suspicious activity on your website and take steps to address any potential security issues.