Mushrooming fake store sites, deceptive domains, and compromised e-commerce sites are only a number of of the threats facing web shoppers and businesses this holiday season, in line with reports recently released by two cybersecurity corporations.
A report released Tuesday by London-based Netcraft, a cybercrime disruption and digital risk protection company, revealed a 110% increase in fake stores from August to October of this 12 months in comparison with the identical period in 2023.
“We see this yearly,” said Netcraft Software Engineering Lead Will Barnes.
“The previous peak within the number of faux store domains was last November,” he told the E-Commerce Times. “We’ve just seen a brand new peak in October and expect it to be even higher in November. This is usually a high period for this sort of crime.”
The surge in fake stores is being powered by means of large language models by threat actors, in line with the report. It explained that LLMs are used to generate long- and short-form text for the product descriptions on these sites.
“We first observed LLM-generated retail product descriptions in July 2024, and similar behaviors proceed into the vacation shopping season,” the report noted. “This includes examples of faux stores appropriating product listings directly from Amazon and using LLMs to rewrite the copy for enhanced search engine performance.”
Higher Bogus Product Descriptions
Previously, Barnes explained, scammers would use off-the-shelf e-commerce software to create their stores. Product descriptions on the sites were either empty or ripped off legitimate sites.
“With the usage of large language models, what we’re seeing is totally original, convincing looking text, that’s just completely made up, or a rewording of the unique listing to make it in order that it’s not obviously just ripped,” he said.
The usage of LLMs allows threat actors to supply higher quality images of products and types, in addition to enable them to create more compelling sales pitches in email messages, noted Jim Routh, chief trust officer at Saviynt, an identity governance and access management solutions company, in El Segundo, Calif.
“Each of those capabilities enhanced through the usage of LLMs is lowering the time it takes to create fraudulent storefronts online while increasing the probability of victims for the cybercriminals,” he told the E-Commerce Times.
“The simplified ability to create web sites quickly and with little effort, either through the usage of generative AI and even basic scripts, is allowing bad actors to quickly and simply create these stores at a big scale,” added Erich Kron, security awareness advocate for KnowBe4, a security awareness training provider, in Clearwater, Fla.
“The vacation season is an ideal time for bad actors to create these stores while individuals are caught up in the push of purchasing for family members and friends,” he told the E-Commerce Times.
Chinese Fake Store Mill
Kimberly Sutherland, vp of fraud and identity strategy at LexisNexis Risk Solutions, a world data analytics and services company, noted that using URLs that closely resemble a brand’s store to steer shoppers to a fraud site isn’t recent. “Nevertheless, consumers could often tell after they were on a fraudulent site,” she told the E-Commerce Times. “It didn’t quite work or feel exactly as expected.”
“Now, in all types of scams, consumers are having difficulty determining if something is inaccurate,” she said. “Fraudsters are using AI tools to enhance not only the best way that they send an email or a text message with more accurate content, but now they’re also in a position to use a generative AI tool to create full web pages that look exactly like brand pages.”
A source of tens of 1000’s of faux stores is an e-commerce tech platform called Shopyy, in line with Netcraft. Shopyy, based in China, offers a broad portfolio of technical solutions to assist retailers construct and optimize online stores, promote their products, and accept different payment types, Netcraft’s report explained. Shopyy also provides hosting and domain registration on behalf of store operators.
“Unfortunately, the customization and convenience that advantages real retailers will be misused by cybercriminals,” the report noted. “While some legitimate businesses use Shopyy as their e-commerce platform partner, we’ve detected 1000’s of Shopyy-powered fake stores, increasing month-over-month since April 2024. Between November 18 to 21 alone, Netcraft’s systems identified greater than 9,000 recent fake store domains hosted through Shopyy.”
“These sites often impersonate established brands to benefit from their mental property, brand fame, and existing customer base,” it continued. “As a substitute of offering the identical quality services and products, they trick unsuspecting shoppers into paying for fake, substandard, or non-existent products.”
Cutting-Edge Techniques Deployed
Fake stores are only a part of an evolving attack surface open to online raiders. “The vacation season presents an irresistible opportunity for cybercriminals to capitalize on increased online transactions,” FortiGuard Labs noted in a blog posted Tuesday.
“Tools and services now available on the darknet empower attackers to focus on e-commerce platforms and unsuspecting shoppers more effectively than ever,” it continued. “This 12 months, threat actors are leveraging cutting-edge techniques, including AI-powered phishing lures, sophisticated website cloning tools, and distant code execution (RCE) exploits to realize unauthorized access to shopping platforms.”
“AI-driven methods allow attackers to craft convincing emails and replicas of legitimate web sites to steal data or trick users into disclosing sensitive information,” it added.
In a report released Nov. 15, FortiGuard noted that cybercriminals are using AI models like ChatGPT to craft convincing phishing emails, mimicking legitimate communications from retailers and banks, which increases the effectiveness of their scams, especially during peak shopping periods.
“These phishing attacks can routinely generate customized content, adapt in real time, and learn from successes and failures to enhance effectiveness,” said Stephen Kowski, field CTO at SlashNext, a pc and network security company in Pleasanton, Calif.
“Unlike traditional phishing, AI phishing can scale to supply 1000’s of unique, targeted messages and quickly pivot based on defense,” he told the E-Commerce Times.
Algorithm Poisoning and Loyalty Harvesting
The FortiGuard report also noted that threat actors are ramping up efforts to use online shopping trends. It warned that 1000’s of holiday-themed domains mimicking trusted brands like Amazon and Walmart are being registered to deceive consumers with fake offers and promotions.
Popular platforms corresponding to Adobe Commerce, Shopify, and WooCommerce are prime targets resulting from weak configurations and outdated plugins, it continued. Attackers are deploying sniffers to capture customer data and using RCE exploits to realize administrative access to shopping platforms.
Jason Soroko, a senior fellow at Sectigo, a comprehensive certificate lifecycle management provider in Scottsdale, Ariz., warned businesses and consumers about some potential threats facing them online.
“The Thanksgiving shopping season exposes retailers to ‘algorithm poisoning,’ where attackers manipulate dynamic pricing algorithms,” he told the E-Commerce Times. “By injecting false demand signals or exploiting vulnerabilities on the API level, they may trigger price drops or modify inventory systems, resulting in any variety of issues. Monitoring APIs for anomalies is a critical countermeasure.”
“Loyalty account harvesting is also a possible, as attackers use credential stuffing to use weak passwords, stealing rewards points for resale or fraudulent purchases,” he added. “Many loyalty programs lack multi-factor authentication, making them easy targets. Retailers must implement MFA, promote strong password practices, and adopt passwordless technologies to safeguard customer accounts.”
Kron noted that the vacation shopping season is commonly a source of tension for numerous people as they seek for gifts. “Black Friday has grow to be synonymous with deep discounts and obscene savings in addition to the supply of wanted, but hard to search out items, largely resulting from the early days of this event,” he said.
“Although the deals don’t appear to be anywhere near what they was, and the proven fact that retailers are spreading out Black Friday savings across the whole month of November, people still feel the joy of probably spotting an amazing deal,” he continued. “Once we are under significant stress in the shape of fear and even this sort of excitement, we are inclined to miss details that may otherwise be a powerful warning sign to look out for scammers and cybercriminals.”