A German security company, Security Research Labs, has uncovered a sprawling network of more than 75,000 fraudulent online sales sites that generated more than $50 million in illegal revenue around the world. In France alone, the latter, BogusBazaar, received nearly 200,000 orders which were never delivered to their recipients.
A ” fake site factory “. This is how our colleagues on the site The world describe BogusBazaar, so named by the German security company, SR Labs. Because it is indeed a vast network, like these factories which run racks of smartphones simultaneously for large-scale fraud.
The principle of this infrastructure-as-a-service is as old as the world of phishing. It involves luring customers to fake online sales sites with attractive offers and stealing their banking information, when it is not making them order goods that they will not receive or, at best cases, counterfeit items.
Infrastructure-as-a-service orchestrated from China by servers hosted in the United States
SR Labs discovered during its investigation that BogusBazaar operates exactly like a multinational corporation, with a central team responsible for general network management, such as applications and payment gateways, and a parallel network of franchisees who take care of the fraudulent stores. If we don’t know how many of these ghost stores are online, when we know that a BogusBazaar server associated with a hundred IP addresses can host up to 500 stores, we can barely imagine the number of tentacles that this octopus illegal can deploy.
BogusBazaar has two strike forces to loot its victims. He first lures them to his fraudulent stores with offers too tempting to be true, then steals payment information using fake secure payment pages. BogusBazaar’s second weapon is the actual sale of counterfeit goods, which customers sometimes will not receive. And if, in this case, the payment fails, then the customer is redirected to a fake payment page which will also steal their banking details.
How to avoid falling into the trap of fraudulent online sales sites
This network of fake sites should remind us how present this scam is on the Web, whether through fraudulent online stores exploiting an active or inactive domain name, or through redirection links to false pages, sent to victims of phishing attempts. And if BogusBazaar does not resort to phishing strictly speaking, the fact remains that we must remain very vigilant when we make online purchases. Clubic gives you some advice on how to make your purchases safely and avoid falling into the phishing trap.
First of all, make sure the website is reliable. Avoid sites with a dubious reputation and check the legal notices and the site address. Also look for possible scam reports associated with their name. Make sure it’s secure by checking that the URL starts with “https://” and that a closed padlock is present.
Next, be particularly vigilant against phishing attacks. Pay attention to newsletters and incentive emails. Some seek to extort your personal or banking data. Phishing attempts sometimes hide in fraudulent emails that escape spam filters and land in your main mailbox.
Learn to identify them: an unknown email address with spelling mistakes or strange characters should alert you. Compare it to other messages received from the same person or organization, and if it differs, be careful. Next, pay attention to the date and time of sending. An email received at an unusual time, especially at night, from an organization normally inactive at that time, should arouse your suspicions. Also be careful of alarmist messages or messages that encourage you to act urgently.
Finally, never click on attachments or hyperlinks from unknown emails. They may contain malware that is dangerous for your device. Hover over the links without clicking to check the redirect URL. If an email asks for personal or banking information, tricks you into clicking on a link or attachment, or addresses an alarming topic with an urgent request, it’s likely a phishing attempt.
Sources: SR Labs, The world
5