Phish ‘n’ Ships Exposed: 1000+ Infected Sites Stealing Tens of Millions
Cyber crimes have no stop signs! Weekly, cyber attacks per organization increased by 30% averaging 1,636. This is another addition to the long list of cybersecurity attacks!
HUMAN Security, Inc., a global cybersecurity company, uncovered a huge fraudulent operation called “Phish ‘n’ Ships.” This scam has stolen millions of dollars from individuals by leveraging their payment card information through fake online stores.
Here’s What Happened!
The hackers used over 200 fake online shops and over 1,000 infected websites to trick consumers looking for hard-to-find items, especially when many shop online for gifts during the holiday season. They used SEO to ensure their fake listings were high in search results.
These websites had fake product links that redirected users to the fraudulent stores. As soon as they land on the website, third-party payment processors collect credit card information, and the purchase is confirmed. However, the product never arrived, and confidential credit card information was used for fraudulent activities.
Also Read: One Year, 140,000+ Phishing Websites: The Impact of Sniper Dz
How was the Threat Resolved?
The HUMAN team collaborated with payment services to remove the fake product listings from Google search results and shut down the scammers’ accounts.
However, the threat is not entirely gone, as HUMAN’s Satori Threat Intelligence and Research team revealed that 121 fake shops were still active during their investigation.
To conclude, cyberattacks like these are executed successfully because consumers cannot distinguish what’s genuine and what’s not! But now, it’s time for everyone to stay cautious before making any purchases online.
Also Read: Phishing Attacks Explained: How to Spot and Prevent Online Scams?
Some Tips to Help You Stay Safe:
- Always check the URL of the site you are about to purchase from. Look for the secure connection sign (https://).
- Only shop on well-known websites. When any new site is in question, check if it has been mentioned or reviewed by trusted sources or platforms.
- Never click on any link, email, or social media ads of offers that seem too good to be true. These links are usually the ones leading you to a counterfeit website.
- Set up multi-factor authentication on all your accounts.
- Regularly check your bank and credit card statements for any unauthorized transactions.