Gruppo ECP Advpress Automationtoday AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit Gruppo ECP Advpress Automationtoday AI DevwWrld CyberDSA Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Asian Integrated Resort Expo Middle East Low Code No Code Summit TimeAI Summit

BogusBazaar: millions stolen through fraudulent e-commerce

Deciphered the system of large-scale scams, with the use of advanced technologies for theft of financial data

The article describes the case of "BogusBazaar", a network of 75,000 fake online shops that defrauded via sites that stole credit card data, with ongoing investigations and advice to avoid similar frauds.
Gruppo ECP

WE TURN YOUR GOALS INTO REALITY
Your competitive advantage starts here
DISCOVER HOW

Gruppo ECP

WE TURN YOUR GOALS INTO REALITY
Your competitive advantage
starts here
DISCOVER HOW

This pill is also available in Italian language

A vast network called "BogusBazaar" involved approximately 850,000 people across the United States and Europe, creating 75,000 fake online stores that simulated business transactions worth an estimated $50 million. These stores lured victims by promising rock-bottom prices on footwear and clothing, only to then steal credit card information via fake payment pages. Security Research Labs GmbH (SRLabs), a German cybersecurity company, has been closely following the progress of this fraud.

Sophisticated and decentralized fraud methodology

According to the SRLabs report, BogusBazaar's structure is complex and organized on multiple levels: a central core manages the infrastructure, while a decentralized network of franchises manages the fake stores individually. The core team also develops custom WooCommerce plugins for WordPress, used specifically to perpetrate fraud. The entire operation uses an "infrastructure as a service" model, and despite its sheer size, the majority of BogusBazaar's servers are located in the United States, disguised behind the Cloudflare service to maintain anonymity.

Intervention by the authorities and verification tools

Law enforcement, after receiving the complete list of URLs and indicators of compromise (IoC) from SRLabs, is taking action against this network. However, although many of the fraudulent operations have been stopped, several stores are still active and visible online. BleepingComputer, through an independent verification, confirms that many domains are still operational and showing Cloudflare errors.

Tips for consumers to avoid online scams

To protect yourself from fraud, experts recommend always checking the authenticity of online stores by checking contact information, return policies, trust seals, general quality of the website and social profiles. Furthermore, it is recommended to read reviews, follow announcements from consumer protection agencies and use online tools such as those suggested by SRLabs for the German market.

Follow us on Threads for more pills like this

05/08/2024 16:00

Marco Verro

Last pills

Discovery of vulnerability in Secure Boot threatens device securityFlaw in the Secure Boot system requires urgent updates to prevent invisible intrusions

North korean cyberattacks and laptop farming: threats to smart workingAdapting to new digital threats of remote work to protect vital data and infrastructures

Intelligent chatbots and steganography: new threats to IT securityEmerging challenges for cybersecurity between AI, steganography, and behavioral analysis

Advanced cybersecurity for AI containers: challenges and technological solutionsChallenges and innovative solutions to ensure the security of containerized AI infrastructures