A new report released today by a cybersecurity company Human Security Inc. warns of a large-scale phishing scheme called “Phish ‘n’ Ships” that exploits fake online stores and search engine manipulation to defraud consumers.

Discovered by the company’s Satori Threat Intelligence and Research team, the Phish ‘n’ Ships scheme is described as a sophisticated effort to exploit consumers using fake online stores and compromised search engine rankings. The bad actors behind this scheme infect legitimate websites to create and rank fake product listings for popular items, causing them to appear in top search results. When unsuspecting consumers click on these links, they are redirected to fake stores controlled by the attackers.

Once on the fake site, consumers follow what appears to be a typical online payment process. Payment information is collected through one of several targeted payment processors, allowing attackers to capture sensitive funds and card data. The victims thought they were purchasing real items, but the products never arrived.

The report notes that the operation affected more than 1,000 websites and created 121 fake online stores, costing victims millions of dollars. By abusing search engine optimization tactics, the attackers attracted significant traffic to the counterfeit sites, and the scheme is estimated to have affected hundreds of thousands of consumers over the past five years.

Without clearly stating that those responsible for this project were from mainland China, the report indicates that the internal tools used by the threat actors used simplified Chinese, the form of Chinese used in mainland China, as opposed to the traditional Chinese used in Hong Kong. Taiwan and Macau.

By working with payment platforms, Human Security was able to disrupt much of the operations, including requiring Google to remove numerous fraudulent listings from its search results and the payment processors involved suspending accounts associated with the system. Law enforcement and the broader threat intelligence community were also briefed to prevent further casualties.

Even though links to the system have been mostly removed and its operations slowed, Phish ‘n’ Ships remains a real threat, as attackers seek new methods to evade detection. Human Security warns consumers to remain vigilant when shopping online, especially for deals that seem too good to be true.

Image: SiliconANGLE/Ideogram