Thousands of Fake Shopping Sites Launched to Steal Credit Card Data During Black Friday
A new fraud campaign led by the Chinese threat actor SilkSpecter is leveraging 4,700 fake e-commerce websites to steal payment card details and personal information. These sites mimic popular brands and utilize legitimate payment processors like Stripe to deceive victims.
Threat Actor Details:
- The Chinese group SilkSpecter is behind the campaign.
- Operates 4,695 fake domains targeting U.S. and European shoppers.
Targets and Tactics:
- Impersonates major brands like North Face, IKEA, Lidl, and more.
- Promotes Black Friday discounts to lure unsuspecting buyers.
- Utilizes legitimate payment processors (e.g., Stripe) for credibility.
Phishing and Data Theft:
- Collects credit/debit card details, expiration dates, CVV codes, and phone numbers.
- Information is sent to attacker-controlled servers for misuse.
- Uses phone numbers for subsequent voice or SMS phishing.
Technical Tools and Indicators:
- Domains commonly use ".shop," ".store," ".vip," or ".top" extensions.
- Leverages Google Translate for language adjustments based on victim location.
- Tracks visitor behavior using tools like OpenReplay, TikTok Pixel, and Meta Pixel.
Attribution and Evidence:
- Indicators of Chinese origin include IP addresses, ASNs, domain registrars, and code.
- Previously used Chinese SaaS platforms for operations.
Safety Recommendations for Shoppers:
- Shop only on official brand websites.
- Avoid clicking on ads, social media links, or unverified search results.
- Use multi-factor authentication and monitor financial account activity regularly.
0 Comment(s)
Categories
- Other (42)
- Ransomware (127)
- Events and News (26)
- Features (45)
- Security (430)
- Tips (79)
- Google (22)
- Achievements (9)
- Products (33)
- Activation (7)
- Dealers (1)
- Bank Phishing (42)
- Malware Alerts (194)
- Cyber Attack (221)
- Data Backup (11)
- Data Breach (79)
- Phishing (139)
- Securty Tips (1)
- Browser Hijack (16)
- Adware (15)
- Email And Password (67)
- Android Security (56)
- Knoweldgebase (38)
- Botnet (15)
- Updates (3)
- Alert (70)
- Hacking (57)
- Social Media (7)
- vulnerability (54)
- Hacker (31)
- Spyware (8)
- Windows (6)
- Microsoft (21)
- Uber (1)
- YouTube (1)
- Trojan (2)
- Website hacks (3)
- Paytm (1)
- Credit card scam (1)
- Telegram (3)
- RAT (5)
- Bug (3)
- Twitter (2)
- Facebook (7)
- Banking Trojan (5)
- Mozilla (2)
- COVID-19 (5)
- Instagram (2)
- NPAV Announcement (5)
- IoT Security (1)
- Deals and Offers (1)
- Cloud Security (8)
- Offers (5)
- Gaming (1)
- FireFox (2)
- LinkedIn (2)
- WhatsApp (4)
- Amazon (1)
- DMart (1)
- Payment Risk (4)
- Occasion (2)
- firewall (1)
- Cloud malware (2)
- Cloud storage (2)
- Financial fraud (6)
- Impersonation phishing (1)
- DDoS (4)
- Smishing (2)
- Whale (0)
- Whale phishing (3)
- WINRAR (2)
- ZIP (2)
Recent Posts
Archive
Tags
cyber attack
phishing
data breach
ransomware
ransomeware
android malware
cyber security
financial security
malware
phishing attack
data stealing
ddos
critical vulnerability
cybercrime
trojan
twitter
cyber threat
financial fraud
phishing attacks
phishing email
microsoft
data theft
cert-in
lockbit
cyber threats
network security
india
clop gang
clop gang extorting
data security
user data leak
phishing scam
android
play store
whatsapp
clop
email phishing
pakistani hackers
cyber attack in india
independence day
cyber crime
malicious apps
december cyber attacks
phishing campaigns
server security
pakistan-backed hacker
android apps
cryptojacking
winrar
pune