FBI Warns of Surge in Fraudulent Shopping Websites
Victims Drawn to Malicious Sites Advertising Low Prices
The FBI has issued an alert warning that cybercriminals are creating fraudulent websites that mimic popular e-commerce sites.
The alert notes that victims are being lured with offers placed on social media platforms and search engines for desirable products, such as face masks, at low prices. These offers then link to the fraudulent websites.
"Victims purchased items from these websites because prices were consistently lower than those offered by other online retail stores, and many of the websites used content copied from legitimate sites and often shared the same contact information," according to Monday's alert.
Those targeted by these scams have reported not receiving purchased items or receiving face masks even if they ordered something else, according to the FBI. When consumers complained, they were offered a partial refund.
Spotting Signs of Fraud
The fraudulent business practices are easy to spot, the FBI says (see: How Fraudsters Search for Victims Online).
The first clue is that the shopping site requires victims to pay retailers using an online money transfer service. This should set off alarms, says Paul Bischoff, privacy advocate with the security research firm Comparitech.
"No legitimate retailer will require you to pay for consumer goods using an online money transfer service instead of a credit card or PayPal," Bischoff says.
Another aspect of these scams is that victims are sometimes told to return the incorrect items to China but must pay high postage fees. Alternatively, victims are offered a partial refund if they don’t return the items received, the FBI notes.
Malicious Websites
The FBI advises consumers to make sure the top-level domain in a website's URL is “.com”. The fraudulent websites used top-level domains such as ".club" and ".top," according to the alert.
"Scam and phishing sites use subdomains to obscure the TLD. For example https://www.amazon.com.scam.top/gp/best-sellers. The TLD always appears before the first single slash in a URL," Bischoff says. "In this example, it's .top, not .com. Because of the limited URL space on mobile devices, the TLD might not be visible unless you actually tap on it and inspect it."
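The check Bischoff describes, as an added Python example that is not part of the FBI alert or the original article: it extracts the real hostname and TLD from a URL and flags a familiar domain that appears only as a subdomain prefix. The brand list and function name are assumptions, and the two-label registrable-domain guess ignores multi-label suffixes that the Public Suffix List would handle.

```python
from urllib.parse import urlsplit

# Assumption: an illustrative list of domains shoppers recognise.
KNOWN_BRANDS = ("amazon.com", "ebay.com", "walmart.com")
# TLDs the alert names as used by the fraudulent sites.
FLAGGED_TLDS = {"club", "top"}


def inspect_url(url):
    """Return the real host, TLD, registrable domain and warnings for a URL."""
    # hostname drops the scheme, port and path, and is already lower-cased.
    host = (urlsplit(url).hostname or "").rstrip(".")
    labels = host.split(".") if host else []
    tld = labels[-1] if labels else ""
    # Naive guess: the last two labels. Suffixes such as "co.uk" need the
    # Public Suffix List; this example does not consult it.
    registrable = ".".join(labels[-2:])

    warnings = []
    if tld in FLAGGED_TLDS:
        warnings.append(f"TLD .{tld} is one named in the alert")
    for brand in KNOWN_BRANDS:
        brand_labels = brand.split(".")
        n = len(brand_labels)
        # Look for the brand's labels anywhere except at the very end of
        # the host, i.e. used as a subdomain prefix of another domain.
        embedded = any(
            labels[i:i + n] == brand_labels for i in range(len(labels) - n)
        )
        if embedded:
            warnings.append(
                f"{brand} appears as a subdomain of {registrable}"
            )
    return {
        "host": host,
        "tld": tld,
        "registrable": registrable,
        "warnings": warnings,
    }


if __name__ == "__main__":
    # First URL is the one quoted in the article; the second is a
    # constructed benign comparison.
    for sample in (
        "https://www.amazon.com.scam.top/gp/best-sellers",
        "https://www.amazon.com/gp/best-sellers",
    ):
        print(sample, "->", inspect_url(sample))
```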
The FBI urged victims of online shopping scams to report incidents to the Internet Crime Complaint Center or a local FBI field office.