Cybercriminals are using typosquatting (the practice of changing one letter in a trusted site name to use as a malicious URL) Malicious domains masquerading as Google sites are the latest ploy by payment card-skimming adversaries looking to dupe website visitors. Credit card skimmers on Magento sites are not a new phenomenon, but the campaign shows that the bad actors are constantly evolving their tactics as the infections become more widespread. The skimmer does have a twist, however, in the form of checking for developer tools.
Source: https://threatpost.com/google-sites-card-skimming-thieves/146694/