Dior, Prada and 76,000 fake websites: brand hunters caught in the network of Chinese hackers

Father

Hundreds of thousands of people lost money by trusting the wrong online stores.

An international investigation conducted by The Guardian, Die Zeit and Le Monde has uncovered one of the largest Internet fraud schemes in history. Hundreds of thousands of people in Europe and the United States were victims of a large-scale leak — fraudsters stole their personal data and bank account details through fake online stores. As a result, tens of millions of euros were stolen.

According to data obtained by journalists and cybersecurity experts, this highly organized and technically advanced group has created 76,000 fake websites. The attackers passed them off as official resources of premium clothing, footwear and accessories brands such as Dior, Nike, Lacoste, Hugo Boss, Versace and Prada.

The sites were launched in dozens of languages: English, German, French, Spanish, Swedish, Italian and others. At the same time, the creators tried to make them as plausible as possible by copying the design and content from the original stores. All this was done to mislead gullible buyers and force them to disclose personal confidential data, including bank card numbers with CVV security codes.

Over the past three years, the fraudulent network has processed more than 1 million "orders". According to general estimates, hackers could have stolen up to 50 million euros during this period. At the same time, the vast majority of victims either did not receive the goods at all, or instead of luxury branded items, they were sent cheap fakes.

So far, almost 800,000 people have disclosed their email addresses, and about 476,000 victims have also provided criminals with their full account details. Absolutely all the victims left their names, phone numbers and residential addresses on the site.

According to experts, information stolen from customers can be used by fraudsters to organize new scams. In addition, arrays of personal data may be of interest to foreign intelligence services.

The investigation revealed that the campaign appears to be run by a team of experienced programmers from the Chinese province of Fujian. It is led by a central core of developers who have created an automated system to accelerate the deployment of new fake online stores. They not only manage the launch of fake websites directly, but also provide access to their platform to other criminal groups "by franchise". The operational logs of this software that were found record traces of at least 210 buyers who have gained access to it since 2015.

Experts say that Fuzhou Zhongqing Network Technology Co Ltd, an IT company registered in Fujian, may be involved in the operation. Among its internal documentation, templates of employment contracts with suspicious content were found. These documents provide for strict payment conditions and strict control over employees involved in the collection of personal data and the direct development of a fraudulent system.

According to settlement documents, between January and October 2022 alone, an unnamed company paid about £266,000 in dividends to at least four shareholders. Fuzhou Zhongqing is also actively hiring new developers and data scientists through Chinese recruitment websites.

Although the traces of scams clearly lead to China, it was not easy to fight the network. The owner of one factory in Germany told how his employees were called literally every day by outraged customers demanding to send the ordered goods of the Lacoste brand. It turned out that the scammers used the old domain of his company.

Currently, authorities in the UK and other countries, as well as industry anti-fraud organizations, are making efforts to shut down fake websites created by the criminal network. However, experts point out that technology giants such as Google, whose search services help attract customers to fake online stores, should first take active measures to protect consumers from such fraudulent schemes.
 