Experts are warning that with online scams set to reach a record high in 2023, fraudsters are taking advantage of Black Friday sales to target US shoppers with fake websites and advertisements for major brands such as Ikea, Wayfair and The North Face. Are.
A new report has been released by threat intelligence agency EclecticIQ Identified A campaign that operates a vast network of fabricated websites using “trusted store” badges to lure shoppers with counterfeit products.
When consumers attempt to make purchases, scammers steal their personal and payment information. Consumers often do not realize they have been defrauded until they fail to receive the product.
Potential losses from online fraud reports exceed $12.5 billion in 2023 – a 22% increase from 2022. FBI dataAuthorities say the tool is being used in increasingly sophisticated scams Aye To power their campaigns.
“With the way it seems like everyone is shopping online now, the reliance on digital platforms has given these groups a broader attack surface than ever before,” EclecticIQ CEO Cody Barrow told CBS News. “Unfortunately, it's likely we'll see the effects of this until next week.”
Scams
EclecticIQ says it has identified at least 8,000 fabricated sites that lure shoppers by offering huge “deals” on popular brands. The websites are not affiliated with the brands they appear to represent, but are designed to look like official sites and use authentic-looking URLs.
In one example, a site posing as Wayfair used the URLwayfairtoday.com. Another site used the URL wayfairblackfriday.com. The website was registered in early November and offered fake “deals” that included reducing an $800 mattress to $39.
CBS confirmed
CBS confirmed
CBS News also found an ad bearing the Wayfair logo that took users to another fake site posing as the retailer. It was removed from Meta's ad library by Friday. Wayfair told CBS News it is actively monitoring scams to ensure customer safety.
Analysts discovered Mandarin coding and Chinese IP addresses on the sites, indicating that the phishing campaign was conducted by a China-based group. IKEA told CBS News it was investigating one of the scam websites using the name identified by EclecticIQ.
Separately, an ad on Facebook and Instagram using The North Face logo led users to a fabricated site. The ad was removed due to policy violations, and The North Face told CBS News it was working with Meta and “other partners” to combat scam sites.
“Scammers utilize every online platform available to them and constantly evolve their strategies to avoid enforcement,” said Meta spokesperson Erin Logan. “In this example, our systems proactively detected and removed many of these ads before they were reported to us.”
The Federal Trade Commission released data in February that showed fraud in online shopping was rampant second most common Types of fraud reported in 2023.
Experts say fraudulent sites and advertising remain a widespread issue. “Many scam sites are short-term campaigns, so identifying new sites is an ongoing effort,” Ilya Volovik, director of Recorded Future Payment Fraud Intelligence, told CBS News. “Some long-lived scam sites change their 'sale' advertising depending on the holidays.”
Tips to keep yourself safe
Cliff Steinhauer, director of information security and engagement at the National Cyber Security Alliance, said consumers should exercise caution, remain vigilant when shopping online and take immediate action if they believe they have been scammed.
Secure your accounts. Experts recommend setting up strong and unique passwords along with multifactor authentication for all accounts, including shopping and bank sites.
Avoid unfamiliar links: Be wary of links in unsolicited emails and text messages. Instead, use a search engine to navigate to the retailer's website.
Look for red flags. Be wary of deals that sound too good to be true, as well as websites that use excessive pop-ups and urgent language. If in doubt, leave the site.
Research the website. Check out reviews from other buyers who have used the site. Visit the Better Business Bureau websiteWhich maintains a database containing ratings for millions of businesses.
If you believe you have been a victim of fraud, notify your bank immediately to have the charges reversed. You should also change the passwords for your online accounts. File a police report if you experience harassment or repeated attempts to steal more of your information.
Experts also advise If your personal information is compromised through a data breach, your credit at the three major credit reporting bureaus will be frozen. This will ensure that your identity cannot be stolen if scammers obtain your Social Security number.