Threats Tagged 'fake shops'

Fibergrid has operated as a bulletproof hosting provider for nearly a decade, currently hosting 16,700 active fraudulent e-commerce sites. The network exploits stolen African IPv4 address space worth $20-25 million, originally acquired through improper AFRINIC registrations. Despite claiming Seychelles-based operations, multilateration analysis reveals infrastructure concentrated in the United States, United Kingdom, Netherlands, Canada, and other Western countries, primarily within Equinix data centers. Fibergrid operates through a complex web of UK and Estonian shell companies using multiple autonomous systems to evade detection and enforcement. Fake shops constitute 70% of malicious activity on this infrastructure, targeting consumers through search engines and social media with counterfeit goods and payment fraud schemes. Disruption opportunities exist through upstream provider intervention, regional internet registry action, domain-level takedowns, and indicator sharing with security providers.

A massive network of over 20,000 fraudulent e-commerce domains has been uncovered, all sharing common infrastructure and design patterns. These fake shops, primarily using the .shop domain, are designed to steal payment details and personal data from unsuspecting consumers. The operation is highly industrialized, with domains resolving to just 36 IP addresses, indicating a franchise-style model where a core team manages servers and templates while individual operators launch storefronts. The shops use familiar e-commerce tactics and psychological pressure to lure victims. To protect yourself, use browser protection tools, scrutinize unfamiliar domains, be wary of deep discounts, and look for independent reviews before making purchases.

MediumCampaignUnited StatesUnited KingdomCanada+7#dropshipping scams#consumer protection#e-commerce fraud