Credit Card Fraud Reported After People Purchased OnePlus Smartphones

If you purchased OnePlus devices through the official site in the last few months, your credit card details could be at risk. Many users who bought OnePlus devices later reported suspicious activity on their credit card statement.

According to a security firm Fidus, the issue could be associated with how the payment process happens, not the OnePlus website. The site is developed using the Magento eCommerce platform which the researchers say has been targeted by attackers multiple times.

As the payments page is hosted on the OnePlus site, the credit card details can be intercepted by the attackers. They have a small window before the details get encrypted and sent to the third-party server for processing.

OnePlus Credit Card fraud payment page

In their official response made on the OnePlus forum, the Chinese smartphone maker said they’re investigating the credit card fraud reports and agreed that the buyers who used their credit cards directly to make purchases are among the affected ones.

OnePlus said all the payment processing is done on the servers of their payment service provider. When a buyer chooses “Save this card for future tractions,” the card details are stored on the third-party server. The OnePlus site only saves an encrypted token which is used by the payment server to fetch the payment details of the buyer.

OnePlus also clarified that they have been shifting away from Magento platform and re-designing their website with custom code. Also, they never used Magento’s payment module. So, it’s unlikely their site is affected by the Magento bugs discovered in the past.

While the company was quick to issue a statement, it doesn’t seem it would of much help to the buyers who got money sucked from their accounts. People who are seeing unknown transactions in their statement are advised to contact their banks immediately and get things sorted.

Also Read: Beware! Fake Spectre & Meltdown Patches Are Infecting PCs With “Smoke Loader” Malware
Aditya Tiwari

Aditya Tiwari

Aditya likes to cover topics related to Microsoft, Windows 10, Apple Watch, and interesting gadgets. But when he is not working, you can find him binge-watching random videos on YouTube (after he has wasted an hour on Netflix trying to find a good show). Reach out at [email protected]
More From Fossbytes

Latest On Fossbytes

Find your dream job