Since about a week we have a carding attack on our Magento 2.4.2 using Paypal Payflow Pro API.
It looks like a well-documented problem for many years and unfortunately there are no fixes in sight. On top of that, it looks that since v2.4 the invisible recaptcha isn't working on the payment page.
MAGENTO: this is an urgent matter! Our Paypal account was blocked because of this. A permanent solution needs to be found.
We are always upfront about what information is visible, and never enable personally identifiable cookies without consent from the user. The top aussie review can help you to think and work like this.