Fake online stores, growing cyber attacks create new dangers for shoppers during holidays

According to reports recently released by two cybersecurity companies, the growing number of fake shopping sites, misleading domains, and hacked e-commerce sites are just some of the threats facing online shoppers and businesses this holiday season.

A report published last Tuesday by Netcraft, a London-based company dedicated to combating cybercrime and protecting against digital risks, showed that from August to October this year, the number of fake stores increased by 110% compared to the same period in 2023.

According to the report, the increase in the number of fake stores is caused by the use of large language models by attackers. The report explains that LLMs are used to create long and concise text for product descriptions on these sites.

As Netcraft Software Engineering Lead Will Barnes explains, in the past, scammers have used off-the-shelf e-commerce software to create their stores. The product descriptions on the websites were either empty or taken from official websites.

“Using LLMS allows attackers to provide higher-quality images of products and brands, as well as create more attractive advertisements in email messages,” said Jim Routh, director of trust management at Saviynt, an identity and access management solutions company in El Segundo, California.

Kimberly Sutherland, vice president of fraud and identity strategy at LexisNexis Risk Solutions, a global data analytics and services company, noted that using URLs that closely resemble a brand’s store to steer shoppers to a fraud site isn’t new. However, consumers could usually tell when they were on a fraudulent site.

According to Netcraft, the source of tens of thousands of fake stores is an e-commerce technology platform called Shopyy.   Shopyy, based in China, offers a wide range of technical solutions to help retailers create and optimize online stores, promote their products and accept various types of payments, according to the Netcraft report.   Shopyy also provides hosting and domain registration services on behalf of store operators.

In a report released Nov. 15, FortiGuard noted that cybercriminals are using AI models like ChatGPT to craft convincing phishing emails, mimicking legitimate communications from retailers and banks, which increases the effectiveness of their scams, especially during peak shopping periods.

The FortiGuard report also notes that attackers are stepping up efforts to exploit online shopping trendsIt warned that thousands of holiday-themed domains imitating trusted brands such as Amazon and Walmart were being registered in order to deceive consumers with fake offers and promotions.

Popular platforms such as Adobe Commerce, Shopify, and WooCommerce are prime targets due to weak configurations and outdated plugins. Attackers implement sniffers to collect customer data and use RCE exploits to gain administrative access to trading platforms.