Cybercriminals using fake Google domain to infect the Credit card skimmer in Magneto websites using Internationalized domain name (IDN) EX: google-analytîcs[.]com or xn--google-analytcs-xpb[.]com ASCII.
The technique is similar to the phishing attack and the attacker’s selected the domain name that looks like a legitimate one to fool victims to access it without noticing that the domain is not a perfect match with the original domain.
Similar to the other credit card skimmers, it captures the user’s input data using the document.getElementsByTagName function and store it.