The U.S. Federal Bureau of Investigation (FBI) has warned of an increased number of reports coming from victims of online shopping scams.
This was published on the agency’s Internet Crime Complaint Center (IC3). and it says that the victims had found the scammers’ websites either via direct searches on popular web search engines or through social media ads.
“Victims purchased items from these websites because prices were consistently lower than those offered by other online retail stores.”
$420 million lost to online shopping scams in five years
According to an FTC report from July detailing shady sellers who never send ordered items, the number of online shopping scam reports have constantly increased every year since 2015.
“In 2019, people filed more than 86,000 reports about online shopping issues, including reports about orders that never arrived,” the FTC said.
“People have reported losing a total of almost $420 million dollars related to online shopping issues since 2015.”
Additionally, during April and May 2020, more reports of online shopping issues were received by the FTC than in any other month on record, with half of them saying that the shoppers never got what they ordered.
Last year, Malwarebytes discovered a large online shopping scam using hundreds of fraudulent sites to target sneakerheads searching for the best possible deal on the latest Off-White, Nike, and Adidas sneakers.
When shoppers purchased sneakers off of those scam sites, they found that they didn’t get the sneakers they ordered and, in some cases, didn’t get anything at all.
To make things even worse, the operators behind the online shopping scam also injected their fraudulent sites with malicious Magecart scripts that they used to steal the shoppers’ credit card information.
How to spot an online shopping scam site
– Disposable face masks shipped from China were received regardless of what was ordered.
– Payment was made using an online money transfer service.
– The retail websites provided valid but unassociated U.S. addresses and telephone numbers under a “Contact Us” link, misleading victims to believe the retailer was located within the U.S.
– Many of the websites used content copied from legitimate sites; in addition, the same unassociated addresses and telephone numbers were listed for multiple retailers.
According to the FBI, all attempts made by the scams’ victims to get the items they ordered or to be fully reimbursed, were unsuccessful.
The U.S. domestic intelligence and security service also shared an additional set of indicators that could allow others to detect shopping sites used to run similar scams, including but not limited to:
– Instead of .com, the fraudulent websites used the Internet top-level domains (TLD) “.club” and “.top.”
– Websites offered merchandise at significantly discounted prices.
– Uniform Resource Locator (URL) or web addresses were registered recently (within the last six months).
– Websites used content copied from legitimate sites and often shared the same contact information.
– The websites were advertised on social media.
– Criminal actors utilized a private domain registration service to avoid personal information being published in the Whois Public Internet Directory.
The FBI recommends online shoppers to be wary of any online retailers that use free email services as a business contact and that offer significantly discounted prices when compared to other online vendors.
Online shoppers are also advised to search for complaints and reviews from other shoppers regarding any suspicious online shopping portal, as well as the contact info pages to ensure that the online retailer is a legitimate commercial entity.