With online fraud hitting a record high in 2023, experts say scammers are exploiting Black Friday sales to run fake websites and ads for big brands like IKEA, Wayfair and The North Face. It warns that it is targeting US shoppers.
A new report released by threat intelligence firm EclecticIQ identifies campaigns that use “Trusted Store” badges to operate vast networks of fake websites to lure shoppers with fake products.
When consumers try to make a purchase, scammers steal their personal and payment information. Consumers often do not realize they have been scammed until they do not receive the product.
According to FBI data, online fraud reports in 2023 accounted for more than $12.5 billion in potential losses, a 22% increase from 2022. Officials say increasingly sophisticated scams are using tools such as AI to enhance their campaigns.
Cody Barrow, CEO of EclecticIQ, told CBS News: “It seems like everyone is shopping online now, but reliance on digital platforms is making these groups more vulnerable than ever. “We now have a wide attack surface area.” “Unfortunately, the effects are likely to extend into next week.”
scam
EclecticIQ has announced that it has identified at least 8,000 fake sites luring shoppers with big “sales” on popular brands. These websites are not affiliated with the brands they purport to represent, but are designed to look like official sites and use authentic-looking URLs.
In one example, a site pretending to be Wayfair used the URL wayfairtoday.com. Another site used the URL wayfairblackfriday.com. The website was registered in early November and offered bogus “deals” such as reducing the price of an $800 mattress to $39.
CBS News also found ads that used the Wayfair logo and directed users to other fake sites posing as retailers. As of Friday, it has been removed from Meta’s ad library. Wayfair told CBS News it actively monitors fraud to ensure customers are protected.
Analysts found Chinese coding and Chinese IP addresses on the site, indicating that the phishing campaign was run by a group based in China. IKEA told CBS News it is investigating one of the fraudulent websites using the name identified by EclecticIQ.
Separately, ads on Facebook and Instagram using The North Face logo directed users to counterfeit sites. The ad was removed as a policy violation, and The North Face told CBS News it was working with Mehta and “other partners” to combat fraudulent sites.
“Scammers are taking advantage of every available online platform and are constantly evolving their tactics to evade enforcement,” Meta spokeswoman Erin Logan said. “In this case, our systems proactively detected and removed many of these ads before they were reported to us.”
In February, the Federal Trade Commission released data showing that online shopping scams were the second most common scam reported in 2023.
Experts say fraudulent sites and ads remain a pervasive problem. “Many of the fraudulent sites are short-lived campaigns, so there are ongoing efforts to identify new sites,” Ilya Vorovik, Director of Record Future Payment Fraud Intelligence, told CBS News. told. “Some long-running scam sites change their ‘sale’ ads based on holidays.”
Tips to protect yourself
Cliff Steinhauer, director of information security and engagement at the National Cybersecurity Alliance, said consumers should take precautions, remain vigilant when shopping online and act quickly if they believe they have been scammed. I said it was necessary.
Protect your account. Experts recommend setting up multi-factor authentication and strong, unique passwords for all your accounts, including shopping and banking sites.
Avoid unknown links: Be wary of links from unsolicited emails and text messages. Instead, use a search engine to navigate to the retailer’s website.
Look for red flags. Be wary of websites that offer deals that sound too good to be true or that use excessive pop-ups or urgent language. If in doubt, please leave the site.
Check out the website. Check out reviews from other shoppers who have used this site. Visit the Better Business Bureau website. This website maintains a database containing ratings for millions of companies.
If you believe you have been a victim of fraud, notify your bank immediately to reverse the charge. You should also change your passwords for your online accounts. If you experience harassment or repeated attempts to steal more information, report it to the police.
Experts also recommend freezing your credit with the three major credit bureaus if your personal information is exposed in a data breach. This ensures that even if a scammer obtains your Social Security number, your personal information will not be stolen.