The campaign, which has been active for months, uses thousands of phishing websites that mimic the design and product listings of well-known retailers — including Apple, PayPal, Nordstrom, Hermes, and Michael Kors — to trick users into entering their credit card information. Researchers previously uncovered a similar campaign in which cybercriminals allegedly defrauded hundreds of thousands of consumers by compromising legitimate shopping websites and redirecting users to fake online stores. The campaign has not been attributed to a specific threat actor, but Silent Push said technical indicators within the hackers' infrastructure, including code containing Chinese-language terms, suggest the involvement of cybercriminals based in China. The scheme relied on malicious code to generate fake product listings and manipulate search engine rankings, increasing the visibility of scam pages and attracting unsuspecting shoppers. Researchers have uncovered a sprawling network of fraudulent retail websites impersonating major global brands in an effort to steal payment data from online shoppers. Further investigation by cybersecurity firm Silent Push revealed a much broader fake marketplace operation targeting English and Spanish-speaking users across multiple countries beyond Mexico. Retail-themed phishing scams are a common tactic used by cybercriminals to target online brands and shoppers, and in recent months several high-end fashion companies have reported cybersecurity incidents. Many of the fraudulent websites have been taken down by hosting providers, but as of last month thousands remained active, Silent Push said. Image: An example of images used on fake shopping sites that were identified by researchers at Silent Push. Some of the spoofed sites appear convincing, featuring scraped product listings and fake checkout pages.
This Cyber News was published on therecord.media. Publication date: Wed, 02 Jul 2025 18:40:53 +0000