Cybercriminals Use LiveChat Platform for Real-Time Phishing Scams

LiveChat exploited in phishing scams: attackers pose as Amazon and PayPal agents to steal personal data via fake customer support.

By Content Team

Mar 17, 2026

ON THIS PAGE

Share

---

ON THIS PAGE

Want more insights like this?

Subscribe to our newsletter to get the latest software protection strategies delivered to your inbox.

By submitting your email, you consent to Codekeeper contacting you and agree to our privacy policy.

Attackers are exploiting the customer support platform LiveChat to conduct sophisticated phishing campaigns that steal credit card details and personal data. Cofense researchers discovered two attack methods: fake PayPal refund emails and generic order confirmation messages that redirect victims to LiveChat pages mimicking legitimate customer support.

Once connected, human operators impersonating Amazon or PayPal agents use social engineering tactics to extract credentials, MFA codes, and financial information through seemingly trustworthy conversations. The personal interaction makes victims less cautious, increasing success rates.

This marks the first recorded abuse of LiveChat for phishing, essentially creating an online version of voice phishing attacks that feel like real customer service interactions.

Source: Dark Reading

Share this article

Have questions about protecting your software?

Our escrow experts are standing by to help.

Book a free demo

YOU MAY ALSO LIKE

750,000 People Hit by Major Data Breach at Canadian Investment Watchdog

Jan 16, 2026

M&S Cyber Attack Chaos Leaves More Questions Than Answers

Feb 18, 2026

eScan Antivirus Hit by Supply Chain Attack, Delivers Malware to Users

Jan 31, 2026

VS Code Configs Expose GitHub Codespaces to Supply Chain Attacks

Feb 5, 2026