HomeRisk ManagementsFake Online Stores Scam More than 850,000 Shoppers

Fake Online Stores Scam More than 850,000 Shoppers

Published on

spot_img

Security researchers have raised a red flag for online shoppers as they have uncovered a sophisticated network of fake e-commerce stores aimed at stealing credit card details and money from unsuspecting victims.

The BogusBazaar network, primarily operated from China, has been flagged by Security Research (SR) Labs for processing over one million orders since 2021. It is estimated that more than 850,000 shoppers have fallen prey to this scam, with the majority hailing from Western Europe and the US. These victims are believed to have collectively placed orders totaling over $50 million for items that do not actually exist. However, not every transaction results in successful payment, meaning that the financial impact may be slightly lower than the total amount mentioned.

Despite failed payments, the perpetrators behind this network are still able to harvest valuable personal information and credit card details through fake payment pages, as reported by SRLabs. In some instances, victims may receive counterfeit items, but more often than not, they are left with nothing to show for their purchases.

Shoppers are lured into these fake online shops with promises of luxury and branded goods at prices that seem too good to be true. The scammers strategically choose expired domains with a strong Google reputation for their websites, which run on platforms like WooCommerce WordPress, Zen Cart, or OpenCart.

According to SR Labs, there are currently 22,500 active domains associated with the BogusBazaar network, although they have identified over 75,000 domains in total that have been used by the scammers. The group operates on an ‘infrastructure-as-a-service’ model, with a central team managing the infrastructure while a network of franchisees handle the day-to-day operations of the fraudulent stores.

The core team behind BogusBazaar is responsible for setting up the infrastructure and managing a small number of fake web shops. They develop software, deploy backends, and customize various WordPress plugins to support their fraudulent operations. The network primarily utilizes servers located in the US, with each server hosting approximately 200 fake e-commerce stores, some of which support over 500 stores. Each server is linked to more than 100 IP addresses.

The daily operations of these fake online stores are managed by franchisees, primarily based in China. SRLabs highlighted that payment pages are rotated regularly to evade detection, especially if a particular page has been flagged for fraudulent activity.

SRLabs has shared its findings with key stakeholders such as network infrastructure operators, payment providers, and search engines in the hopes of prompting swift action against this widespread fraud scheme. Vigilance and caution are advised for online shoppers, especially when encountering deals that seem too good to be true.

Source link

Latest articles

AI Tackles the Cyclospora Outbreak

Labs Employ AI to Accelerate Testing Amid Cyclospora Outbreak As the summer of 2026 unfolds,...

New Trick Discovered by Hackers to Collect Microsoft Entra User Data Stealthily

Heightened Security Awareness Required as OAuth Spoofing Campaigns Emerge Overview In a recent advisory, the security...

Hackers Conceal Lua Loaders in Fake TTF Files to Distribute Remcos, XWorm, and Agent Tesla

Growing Threat: Exploitation of Trusted File Formats by Cybercriminals In a troubling trend, cybersecurity experts...

EU Orders Google to Open Android to Compete with AI Agents

The recent regulatory developments by the European Union (EU) have significant implications not only...

More like this

AI Tackles the Cyclospora Outbreak

Labs Employ AI to Accelerate Testing Amid Cyclospora Outbreak As the summer of 2026 unfolds,...

New Trick Discovered by Hackers to Collect Microsoft Entra User Data Stealthily

Heightened Security Awareness Required as OAuth Spoofing Campaigns Emerge Overview In a recent advisory, the security...

Hackers Conceal Lua Loaders in Fake TTF Files to Distribute Remcos, XWorm, and Agent Tesla

Growing Threat: Exploitation of Trusted File Formats by Cybercriminals In a troubling trend, cybersecurity experts...