Chinese crooks behind one of the world’s ‘biggest online scams’ have tricked 800,000 people from Europe and the US into providing card details and personal details through stores selling fake designer goods

By William On May 8, 2024

Research has revealed that Chinese scammers using fake websites to sell designer products at huge discounts have made off with the credit card details and personal details of up to 800,000 people in Europe and the US.

The scheme, which has been labeled by a UK trading standards body as one of the biggest ever scams of its kind, involves more than 75,000 websites carrying the logos of various high-end brands – from Nike to UNIQLO and from Paul Smith to Cartier – who claim to sell products. merchandise at low prices.

English versions of the sites are accompanied by duplicates in several European languages, including French, German, Spanish and Italian, designed to deceive unsuspecting shoppers from the continent to North America.

And while roughly two-thirds of them have now been disabled, researchers believe more than 22,500 are still active and continuing to deceive bargain-hunting online shoppers.

SR Labs, a German cybersecurity consultancy that exposed the scam, said a group of programmers appeared to have created a system to quickly generate and deploy new sites, dramatically expanding their reach.

The Chinese group, dubbed ‘BogusBazaar’ by SR Labs, is alleged to have defrauded millions of pounds, euros and dollars from their victims (stock image)

Chinese scammers have used fake websites claiming to sell designer products at huge discounts to steal people’s data

The Chinese group, dubbed ‘BogusBazaar’ by SR Labs, is said to have defrauded millions of pounds, euros and dollars from their victims since it launched the first sites in 2015.

It is believed that around 476,000 people have shared their debit and credit card details, including their three-digit security number.

But in many cases, the scammers were not after money. Customers were often told at checkout that their bank, or the website itself, had rejected the payment request.

While the money may have remained in their accounts, their personal information – including full name, address, credit card number and three-digit security code – was all in the hands of the scammers.

“Data is the new currency,” said Jake Moore, a global cybersecurity consultant at software company ESET, told The guard.

“The bigger picture is that you have to assume that the Chinese government may have access to the data,” he said.

SR Labs consultant Matthias Marx explained how a small team of programmers appeared to have developed a system that can partially automate the generation and publishing of new versions of scam sites, allowing the team to rapidly scale their operations.

A wider team is then brought in to oversee and manage these sites in a sort of ‘franchise’ model.

English versions of the sites are accompanied by duplicates in several European languages, including French, German, Spanish and Italian, designed to deceive unsuspecting customers

He explained that a core team develops the software and supports the operation of the network, while franchisees “manage the day-to-day operations of fraudulent stores.”

SR Labs chose to share the results of their research with the German newspaper Die Zeitwho then teamed up with The Guardian and French outlet Le Monde to dig deeper.

Their research found that there was a wide variety in the brands and companies that the Chinese developers used to build their scams.

While many of the brands were big haute couture hits, such as Christian Dior, the researchers also found sites that mimicked British high street favorites, such as shoemaker Clarks, as well as fraudulent pages targeting people with a taste for the work of individual designers.

The products they claimed to sell were not just limited to fashion.

Websites were found pretending to flog everything from children’s toys to household items and garden furniture to car parts.

The sites were unrelated to the brands they claim to sell and consumers who used them told the investigation they never received the items they thought they had purchased.

However, the sites still managed to trick shoppers into sharing their information.

Personal data collected during the scam could prove valuable for foreign intelligence services and surveillance purposes.

This week it emerged that as many as 272,000 British soldiers may have been affected by a data breach.

Defense Secretary Grant Shapps blamed the attack on a “malicious actor” but could not confirm reports that China was behind the intrusion.

The cyber attacks that hit Britain

– March 2024

Britain and the United States accused China of a global campaign of “malicious” cyber attacks in an unprecedented joint operation to expose Beijing’s spying.

Britain publicly accused China of targeting the Electoral Commission watchdog and behind an online “scouting campaign” targeting the email accounts of MPs and peers.

The Electoral Commission attack was identified in October 2022, but the hackers had first gained access to the commission’s systems in more than a year since August 2021.

– December 2023

A Foreign Secretary told the House of Commons that private conversations of high-profile politicians and officials were compromised by Russia’s top security service during ‘sustained’ attempts to interfere in British politics.

A cyber influence campaign by a group known as Star Blizzard, “almost certainly” a subordinate of an FSB cyber unit, had been “selectively leaking and amplifying information” since 2015.

– July 2022

The British military confirmed a ‘breach’ on its Twitter and YouTube accounts. The channel featured videos about cryptocurrency and images of billionaire businessman Elon Musk.

The official Twitter account had retweeted a number of posts that appeared to be related to NFTs (non-fungible tokens).

– July 2021

Britain accused the Chinese government of being behind “systematic cyber sabotage” after a hacking attack that affected a quarter of a million servers around the world. The attacks, which took place in early 2021, targeted Microsoft Exchange servers.

– April 2021

Britain accused Russia’s foreign intelligence service of being behind a major cyber attack on the West.

The Foreign, Commonwealth and Development Office (FCDO) said the National Cyber Security Center (NCSC) had assessed it was “highly likely” that the SVR was responsible for the so-called SolarWinds hack.

– July 2020

Britain, the United States and Canada accused Russian spies of targeting scientists seeking to develop a coronavirus vaccine.

The three allies said hackers linked to Russian intelligence were trying to steal the secrets of research institutions around the world, including in Britain.