An international investigation by The Guardian, Die Zeit and Le Monde gives an inside look at what the UK’s Trading Standards Institute Chartered Trading Standards Institute) described as one of the largest scams of its kind, generating 76,000 fake websites.
The data analyzed by journalists and IT experts shows that this operation is very well organized, technically intelligent and constantly executed.
Industrial-scale hackers have created tens of thousands of fake online stores offering discounted items from Dior, Nike, Lacoste, Hugo Boss, Versace, Prada and many other premium brands.
These sites appeared to be created in a variety of languages, from English to German, French, Spanish, Swedish and Italian, and were designed to lure buyers into handing over money and confidential personal data.
However, the sites have no connection to the brands they claim to sell, and in many cases, users who reported their experiences said they did not receive any goods.
The first fake chain stores appear to have been created in 2015. According to the data analysis, more than 1 million were executed in the last three years alone. “orders”. Not all payments were successfully made, but the analysis shows that the group may have tried to embezzle up to 50 million during this period. euros. Many stores have closed, but a third of them – more than 22,500 – are still open.
To date, approximately 800,000 people, almost all in Europe and the US, have shared their email. email addresses, and 476,000 of them shared their debit and credit card details, including the three-digit security code. All of them also revealed their names, phone numbers, e-mails to the network. mailing and postal addresses.
Katherine Hart, head of the Certified Trading Standards Institute, described the activity as “one of the biggest scams I’ve seen online from fake shops”. She added: “These people are often part of serious and organized criminal groups, so they collect data and can then use it against people, making users more vulnerable to fraud attempts.”
“Data is the new currency,” said Jake Moore, global cybersecurity advisor at software company ESET. He warned that such repositories of personal data could also be valuable to foreign intelligence agencies for surveillance purposes. “More broadly, one has to believe that the Chinese government could potentially have access to this data,” he added.
The existence of a network of fake shops was revealed by the German cyber security consulting company Security Research Labs (SR Labs), which obtained several gigabytes of data and shared them with Die Zeit.
A core group of programmers seems to have developed a semi-automated system for building and launching websites that allows them to be deployed quickly. This group appears to have operated some of the stores themselves, but allowed other organizations to use the system. Registration logs show that since 2015 at least 210 users have joined the system.
Matthias Marx, a consultant at SR Labs, described the model as “franchise-like.” He said: “It was a very similar model: The core team is responsible for developing the software, implementing it and keeping the network running. Franchisees manage the day-to-day operations of the scam stores.”
Aim for data, not money
It happened a few weeks before Christmas. 54-year-old Melanie Brown from Shropshire (England) was looking for a new handbag. She uploaded an image of one of her favorite German designer products to Google Lens. Immediately, a website appeared where the handbag was offered at 50% off. cheaper than the usual retail price of £200 (approx. €230). She put it in the basket.
“It seduced me,” she said. After picking out her handbag, she noticed other designer clothes from her favorite high-end brand, Magnolia Pearl. She found dresses, blouses and jeans and paid £1,200 (around €1,400) for 15 items. “I got a lot for the money, so I thought it was worth it.”
But Ms. Brown was duped. For nearly a decade, the chain, which operated out of China’s Fujian province, used what appeared to be a single software platform to create tens of thousands of fake online stores. And not only clothing stores, but also toys and lamps.
For this study, 49 people who claim to have been cheated were interviewed. The Guardian spoke to 19 from the United Kingdom and the United States. Their testimonies show that these sites were not created to sell counterfeit goods. Most people didn’t get anything in the mail. A few received, but the goods were not what they ordered. One buyer from Germany paid for a jacket and got cheap sunglasses. One British buyer received a fake Cartier ring instead of a shirt, while another buyer was sent a non-branded jumper instead of the Paul Smith branded jumper he paid for.
Surprisingly, many who tried to shop did not lose money. Either their bank blocked the payment or the fake store itself didn’t process it. However, all interviewees have one thing in common: they shared their personal data.
Simon Miller, director of policy and communications at Stop Scams UK, said: “Data can be more valuable than money. If you get hold of someone’s card details, that information is invaluable later to get hold of a bank account.”
SR Labs, which works with corporations to protect their systems from cyberattacks, believes fraudsters operate on two levels. The first is credit card data collection, where the fake payment gateway collects credit card data but no money is debited. The second is fake sales, where criminals embezzle money. There is evidence that the network took payments processed through PayPal, Stripe and other payment services, and in some cases directly from debit or credit cards.
The chain used defunct domains to host its fake stores, which experts say can help avoid detection by website or brand owners. The network appears to have 2.7 million database of such expired domains and performs tests to check which ones are the best to use.
The network appears to have originated in Fujian Province. Many IP addresses can be traced back to China, some of them in the Fujian cities of Putian and Fuzhou.
Payroll documents found in the data show that the individuals were employed as developers and data collectors and were paid through Chinese banks. Three employment contract templates were also found listing the employer as Fuzhou Zhongqing Network Technology Co Ltd.
A company officially registered in China and given an official unique identification number lists its address as Fuzhou, the capital of Fujian.
Fuzhou Zhongqing Network Technology Co Ltd is currently looking for programmers and data collectors on Chinese recruitment sites. The data collection specialist’s salary is 4,500-7,000 Chinese yuan (about 600-900 euros) per month, and the company is described as a “foreign trade company, mainly producing sports shoes, fashion clothes, branded bags and other goods”.
The Fuzhou Zhongqing company did not respond to The Guardian’s request for comment.
Adapted from The Guardian.
Tags: gave money personal data Chinese scammers decided buy designer products online
-
