There was no shortage of deals to be found online last week. Some were offered up by stores and brands you know and trust — others by criminals looking to make a quick buck.
A studio shot of pair of running shoes in paper box on yellow background. Flat lay, top view.
Counterfeit shopping sites are constantly popping up on the Internet, promising bargains that appear too good to be true. The unlucky ones who complete a transaction soon learn the error of their ways. The products they receive rarely match up with what was ordered... if anything ever arrives at all.
As if that wasn’t enough, Malwarebytes researchers have discovered a campaign that seeks to salt the wounds of unwitting counterfeit store shoppers. Scores of these sites have been infected with malware that skims credit card information during the checkout process.
The Malwarebytes report focuses on shady sneaker shops. Apart from being counterfeits, the sites Malwarebytes tracked all had one thing in common: they were running outdated versions of a popular e-commerce platform called Magento and the PHP programming language it utilizes.
Malwarebytes believes that automated hacking tools sought out vulnerable installations and then injected the card-skimming code. While the report doesn’t provide an exact number, the company’s researchers found this code on hundreds of counterfeit sneaker sites.
Between the time of publication and now the numbers may have changed dramatically, of course. Scammers are constantly cobbling together new sites and shutting down others in a continuing effort to rake in profits while avoiding detection.
It’s a never-ending game of cat and mouse. Some of the impacted Malwarebytes tracked, for example, had been knocked offline earlier this year when Adidas filed a complaint in a Southern District of Florida court.
Malwarebytes’ report links this string of attacks to one of the numerous Magecart hacking groups that are currently active. Shoppers’ hacked payment card and address details are uploaded to servers under the group’s control in China.
To avoid falling into on of their traps there are a couple simple steps you can take. For starters, remind yourself that if something seems too good to be true it probably is. Online counterfeiters tend to promise jaw-dropping discounts on highly sought-after items that often command a premium.
You can also install a browser extension that can detect and block malicious scripts. Malwarebytes themselves offer one that protects multiple browsers.
