BogusBazaar: millions stolen through fraudulent e-commerce
Deciphered the system of large-scale scams, with the use of advanced technologies for theft of financial data
The article describes the case of "BogusBazaar", a network of 75,000 fake online shops that defrauded via sites that stole credit card data, with ongoing investigations and advice to avoid similar frauds.
A vast network called "BogusBazaar" involved approximately 850,000 people across the United States and Europe, creating 75,000 fake online stores that simulated business transactions worth an estimated $50 million. These stores lured victims by promising rock-bottom prices on footwear and clothing, only to then steal credit card information via fake payment pages. Security Research Labs GmbH (SRLabs), a German cybersecurity company, has been closely following the progress of this fraud.
Sophisticated and decentralized fraud methodology
According to the SRLabs report, BogusBazaar's structure is complex and organized on multiple levels: a central core manages the infrastructure, while a decentralized network of franchises manages the fake stores individually. The core team also develops custom WooCommerce plugins for WordPress, used specifically to perpetrate fraud. The entire operation uses an "infrastructure as a service" model, and despite its sheer size, the majority of BogusBazaar's servers are located in the United States, disguised behind the Cloudflare service to maintain anonymity.
Intervention by the authorities and verification tools
Law enforcement, after receiving the complete list of URLs and indicators of compromise (IoC) from SRLabs, is taking action against this network. However, although many of the fraudulent operations have been stopped, several stores are still active and visible online. BleepingComputer, through an independent verification, confirms that many domains are still operational and showing Cloudflare errors.
Tips for consumers to avoid online scams
To protect yourself from fraud, experts recommend always checking the authenticity of online stores by checking contact information, return policies, trust seals, general quality of the website and social profiles. Furthermore, it is recommended to read reviews, follow announcements from consumer protection agencies and use online tools such as those suggested by SRLabs for the German market.
Follow us on Telegram for more pills like this05/08/2024 16:00
Marco Verro