Phishing attacks are typically initiated via email, text/SMS messages, or instant messages which drive unsuspecting victims to phishing websites designed to deceive them into thinking they are visiting a legitimate site and allows the malicious cyber actors to steal user data, including login credentials and credit card numbers.

2018 Stripe Phishing Scam - Fraudulent Login Landing Page

2018 Phishing Campaign Against Stripe Payment Processing Users

Over the years, cybercriminals have deployed increasingly sophisticated scams to deceive users of payment processing systems—particularly small and medium sized business owners—into compromising their accounts by unknowingly divulging account credentials. Here’s an example of a recent phishing campaign from Fall 2018 targeting Stripe users.