Fraudulent Chinese network uses 4,700 fake shopping sites to steal credit cards

A large-scale fraud network has been uncovered, using over 4,700 fake shopping websites to steal credit card information from unsuspecting online shoppers. According to a report by security researchers, the operation involves highly convincing e-commerce websites that mimic well-known brands and legitimate retailers. These sites impersonate brands such as the North Face, Lidl, Bath & Body Works, L.L. Bean, Wayfair, Makita, IKEA, and Gardena.

Each fake shopping site is carefully crafted to appear legitimate, often copying the design, logos, and product offerings of trusted brands. The scam is widespread, with the fake sites often being promoted through online ads, social media, and search engine results. Additionally, the group employs various methods to ensure their operation remains under the radar, such as using fake reviews, SEO manipulation, and rapidly rotating domain names to avoid blacklisting.

These fraudulent websites lure users by offering discounted products, typically at lower than market prices, to encourage purchases. Once a victim enters their credit card information, it is immediately captured and sent to the fraudsters for further exploitation, which can include unauthorized charges, identity theft, or reselling stolen data on the dark web.

The fake websites are well-designed and typically named after the impersonated brand to appear authentic at a quick glance. However, their sites usually use top-level domains like ‘.shop,’ ‘.store,’ ‘.vip,’ and ‘.top,’ which are not generally associated with large brands or trustworthy e-commerce sites.

When users attempt to purchase from those sites, they are redirected to a payment page that prompts them to enter their credit/debit card number, expiration date, and CVV code. A phone number is also requested at the final step.

The fraud campaign started in October 2024, offering steep discounts for the upcoming Black Friday shopping period that usually sees elevated shopping activity. The fraudulent network is believed to be operated by a group of cybercriminals using highly sophisticated systems designed to evade detection.

Online shoppers are advised to be cautious of suspiciously low-priced items and ensure they are buying from trusted and secure sites.

Shoppers are recommended only to visit official brand websites and avoid clicking on ads, links from social media posts, or promoted results on Google Search.

Finally, cardholders should activate all available protection measures on their financial accounts, including multi-factor authentication, and monitor their statements regularly.

Remember… “If a deal seems too good to be true, it probably is.”

Thanks to Bleeping Computer
https://www.bleepingcomputer.com/news/security/fraud-network-uses-4-700-fake-shopping-sites-to-steal-credit-cards/