"Fake Online Stores Scam Over 850,000 Shoppers"

Security researchers at Security Research (SR) Labs have warned online shoppers to be on their guard after revealing news of an extensive network of fake e-commerce stores designed to steal victims’ card details and cash. Operated primarily from China, the researchers noted that the BogusBazaar network has processed over one million orders since 2021. The researchers estimated that over 850,000 shoppers have already fallen victim, mostly from Western Europe and the US. Shoppers are estimated to have ordered over $50m worth of non-existent items since 2021, although not every order results in successful payment, so the financial damage is expected to be somewhat lower. The researchers stated, however, that even if payment isn’t successful, the scammers behind the operation will be able to harvest the victim’s card details and personal information via fake payment pages. The researchers noted that in some cases, counterfeit items are shipped to the victim, but often they receive nothing. The researchers said that shoppers are lured to the fake web shops by legitimate-looking websites selling luxury and branded items at low prices. The scammers typically choose expired domains with good Google reputation, with the stores running on the WooCommerce WordPress plug-in, Zen Cart, or OpenCart. The researchers claimed that 22,500 domains are currently active, although they have recorded over 75,000 in total used by the network.

Infosecurity Magazine reports: "Fake Online Stores Scam Over 850,000 Shoppers"