• Hype
  • Murai
  • Lipstiq
  • Varnam
  • Hangat
  • Autofreaks
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Mobile Gaming
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Compu-zoneUpdated
    • ViewnetUpdated
    • Sri ComputersUpdated
    • StartecUpdated
  • More
    • Artificial Intelligence
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
    • Contact Us
No Result
View All Result
Lowyat.NET
  • News
    • Lifestyle
    • Computing
    • Hardware
    • Internet
    • Rumours & Leaks
    • Software
  • Forums
    • Kopitiam
    • Tradezone
    • Property Talk
    • Finance & Business
    • Fast and Furious
  • Gaming
    • PC Gaming
    • Console
    • Mobile Gaming
    • Esports
  • Mobile
    • Apps
    • OS
    • Tablets
    • Phones
    • Telco
      • Celcom
      • DiGi
      • Maxis
      • Tune Talk
      • U Mobile
      • Buzzme
  • Pricelists
    • Compu-zoneUpdated
    • ViewnetUpdated
    • Sri ComputersUpdated
    • StartecUpdated
  • More
    • Artificial Intelligence
    • Automotive Tech
    • Drone
    • Enterprise
    • Entertainment
    • Fashion
    • E-Hailing
    • Wearables
    • Contact Us
No Result
View All Result
Lowyat.NET
No Result
View All Result

iPay88 Email API Breached, Used To Phish For Credit Card Details

by Vijandren
June 2, 2020
ipay88 security breach user card data compromised
Share on WhatsappShare on TelegramThreads

iPay88, a leading regional payment gateway provider based in Malaysia has suffered a breach involving its email API. While we are not able to ascertain at this point in time the extent of the breach, we can confirm that the compromised email API is, in turn, being used to send out very authentic sounding emails to unsuspecting customers –  urging them to key in their credit card information to a fake site, aptly parked at ipay88.org (iPay88’s legitimate site is hosted on ipay88.com and ipay88.com.my).

While most phishing emails are easily filtered out as spam by service providers like Google’s Gmail and Microsoft’s Outlook due to their dubious origins, this particular email carries all the necessary credentials to bypass all filters, simply because it is being sent from a bulk email service that has been pre-approved by iPay88.

ipay88 june2 email 01

A closer look at the email headers confirms that the phishing email originated from elasticemail.com, one of the two email services approved by iPay88 to send out emails to their customers and merchants. We have independently compared and verified legitimate emails and receipt mails sent out by iPay88 from both these email services even as far back as early 2019.

Annotation 2020 06 02 2014021

The email itself claims that there is an updated User Agreement Policy implemented by iPay88 that is required to ‘protect our client’s personal data’. As such, recipients of the email are encouraged to complete the verification by visiting ipay88.org, a fake phishing site set up to collect details as well as credit card information from unsuspecting users.

ipay88 dot org 01

iPay88 however, via a posting on their Facebook page, has denied that they have suffered any breach, and are instead blaming it on scammers who are randomly sending out emails based on scraped addresses from email lists. We have reached out to iPay88 for more information on their claims.

Annotation 2020 06 02 194728

If you’ve inadvertently keyed in your details at the ipay88.org phishing site, we urge you to immediately contact your bank to inform them that your card has been compromised and request for a replacement card.

Filed Under iPay88LeakPhishing
Updated 10:29 am, Thu, 4 June 20
SendShareShareShare2Tweet2

Follow us on Instagram, Facebook, Twitter or Telegram for more updates and breaking news. 

No Result
View All Result

TRENDING THIS WEEK

  1. 1
    Automotive

    MOF Officially Approves Budi Diesel Monthly Quota Increase To 300 Litres

  2. 2
    Fintech

    BNM To Phase Out Proprietary QR Payment Networks In Malaysia By 2028

  3. 3
    Mobile Phones

    Nothing Phone (4b) Now Official With 5,200mAh Battery, Vapour Chamber

  4. 4
    Gaming

    M4G Is Officially Bringing The Steam Machine Into Malaysia

  5. 5
    Fintech

    TNG Digital Explains How The 300-Litre BUDI Diesel Quota Works On Its eWallet

NETWORK

  • Hype
  • Murai
  • Lipstiq
  • Varnam
  • Hangat
  • Autofreaks

ABOUT

  • Advertise
  • Careers
  • Privacy Statement
  • Editorial Policy
  • Terms of Use
  • Contact Us

©2026 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
  • Forums
  • Laptops
  • Telco
  • Mobile
  • Gaming
  • Artificial Intelligence
  • Fintech
  • Cryptocurrency
  • Cyber Security
  • Hybrid Vehicles
  • Advertise with Us

©2026 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.

No Result
View All Result
  • News
  • Forums
  • Laptops
  • Telco
  • Mobile
  • Gaming
  • Artificial Intelligence
  • Fintech
  • Cryptocurrency
  • Cyber Security
  • Hybrid Vehicles
  • Advertise with Us

©2026 VIJANDREN RAMADASS. ALL RIGHTS RESERVED.