AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

BogusBazaar: millions stolen through fraudulent e-commerce

Deciphered the system of large-scale scams, with the use of advanced technologies for theft of financial data

The article describes the case of "BogusBazaar", a network of 75,000 fake online shops that defrauded via sites that stole credit card data, with ongoing investigations and advice to avoid similar frauds.

This pill is also available in Italian language

A vast network called "BogusBazaar" involved approximately 850,000 people across the United States and Europe, creating 75,000 fake online stores that simulated business transactions worth an estimated $50 million. These stores lured victims by promising rock-bottom prices on footwear and clothing, only to then steal credit card information via fake payment pages. Security Research Labs GmbH (SRLabs), a German cybersecurity company, has been closely following the progress of this fraud.

Sophisticated and decentralized fraud methodology

According to the SRLabs report, BogusBazaar's structure is complex and organized on multiple levels: a central core manages the infrastructure, while a decentralized network of franchises manages the fake stores individually. The core team also develops custom WooCommerce plugins for WordPress, used specifically to perpetrate fraud. The entire operation uses an "infrastructure as a service" model, and despite its sheer size, the majority of BogusBazaar's servers are located in the United States, disguised behind the Cloudflare service to maintain anonymity.

Intervention by the authorities and verification tools

Law enforcement, after receiving the complete list of URLs and indicators of compromise (IoC) from SRLabs, is taking action against this network. However, although many of the fraudulent operations have been stopped, several stores are still active and visible online. BleepingComputer, through an independent verification, confirms that many domains are still operational and showing Cloudflare errors.

Tips for consumers to avoid online scams

To protect yourself from fraud, experts recommend always checking the authenticity of online stores by checking contact information, return policies, trust seals, general quality of the website and social profiles. Furthermore, it is recommended to read reviews, follow announcements from consumer protection agencies and use online tools such as those suggested by SRLabs for the German market.

Follow us on Twitter for more pills like this

05/08/2024 16:00

Editorial AI

Last pills

Cyber attack on TeamViewer: immediate response and investigations underwayStrengthened security measures and international collaborations to counter the cyber threat

Polyfill JS supply chain attack: what happenedA detailed analysis of the cyber attack that compromised a library essential for JavaScript compatibility in browsers

Security alert: supposed LockBit intrusion into the Federal Reserve systemPossible consequences and responses of the authorities to the alleged cyber breach of the Federal Reserve

Serious digital security incident in Indonesia puts sensitive national data at riskRecent vulnerabilities and the national response to cyberattacks