The FBI has issued a security alert stating that reports of people falling victim to online shopping scams have increased significantly. In particular, according to reports, the victims of online shopping scams found the sites of scammers either through direct searches on popular web search engines, or through ads on SOCIAL MEDIA. In addition, victims bought items from these sites because prices were consistently lower than those offered by other online retailers.
Loss of $ 420 million from online scams in five years
According to a report released by the FTC in July, the number of reports of online shopping scams appears to be steadily increasing since 2015. In 2019, more than 86.000 reports of victims of online shopping scams were recorded, including reports of orders that never arrived to their destination. As of 2015, approximately $ 420 million has been lost in total to victims of online shopping scams.
In addition, during April and May 2020, the FTC received more reports of problems with online shopping than in any other month, with half of shoppers claiming they never received what they ordered.
Last year, the Malwarebytes discovered a big online shopping scam that used hundreds of "fraudulent" sites to target consumers looking for the best possible offer for their latest shoes Nike, Adidas and Off-White. When buyers received sneakers from these scam sites, they found that they were not the sneakers they had ordered, and many reported that they did not even receive their order.
The worst part is that those behind it scam, also provided fake sites with malicious Magecart scripts that they used to steal buyers' credit card information.
How To Find An Online Shopping Scam Site?
Based on the information gathered from the victims' reports, the FBI states that the fake online shopping sites had a lot in common, including the following:
- Disposable masks sent by China received regardless of the order.
- Payments were made using an online money transfer service.
- Retail sites provided valid but unrelated addresses and phone numbers in USA below the link "Contact us", convincing victims that the retailer is in the US.
- Many of the sites used content that had been copied from legitimate sites. In addition, the same unrelated addresses and phone numbers were found in many retailers.
According to the FBI, all attempts by the victims of fraud to obtain the items they had ordered or to be reimbursed were unsuccessful.
The U.S. Department of Homeland Security has released other information that could allow users to identify shopping sites used to commit similar scams, including the following:
- Instead of .com, fake sites used top-level Internet (TLD) domains ".Club" and ".top".
- The sites offered merchandise at significantly reduced prices.
- The URL or web addresses were registered recently (within the last six months).
- The sites used content copied from legitimate sites and often shared the same contact information.
- The sites were advertised on social media.
- The scammers used a private domain registration service to avoid the publication of personal information in the Public Internet Directory Whois.
The FBI advises online shoppers to be wary of any online retailers using free services. e-mail as a business contact and offering significantly reduced prices, compared to other online vendors. Buyers are also advised to look for complaints and reviews from other buyers about any suspicious online portal as well as contact information pages to make sure the online retailer is a legitimate business entity.