Attackers are using fake Google domains spoofed with the help of internationalized domain names (IDNs) to host and load a Magecart credit card skimmer script with support for multiple payment gateways. The attack was detected after the owner of a website had its domain blacklisted by McAfee’s SiteAdvisor service. Magecart groups are highly dynamic and effective cybercrime groups known to have been around since at least 2015, with their campaigns being as active as ever four years later and rarely showing any dips.
Source: https://www.bleepingcomputer.com/news/security/hackers-inject-multi-gateway-card-skimmer-via-fake-google-domains/

