Skip to content

Chinese scam hits 800K+ people in Europe, USA and Australia

  • by
  • 4 min read

A vast network of counterfeit online designer stores believed to have been operated from China since 2015 has ensnared over 800,000 individuals across several nations, including Europe, the US, and Australia, tricking them into divulging sensitive personal data and card details.

Out of these, more than 476,00 individuals shared credit and debit card details with the scammers along with other financial information such as the three-digit security pin, names, phone numbers, emails, and postal addresses.

This revelation stems from an extensive investigation jointly conducted by The Guardian, Die Zeit, and Le Monde, shedding light on what authorities describe as one of the largest scams in recent memory, involving creating 76,000 websites in multiple languages.

The investigation unveiled a highly organised and technologically adept campaign that continues to operate. Programmers within this network have generated tens of thousands of fake web shops posing as reputable brands like Dior, Nike, Lacoste, Hugo Boss, Versace, and Prada, among others.

These fraudulent platforms, available in multiple languages, entice unsuspecting shoppers with steep discounts, leading them to share their financial and personal information.

The scam supposedly operates on two levels: the first involves harvesting credit card information, while the second involves taking payment for the fake product.

A sample of fake websites posing as reputable brands. | Source: The Guardian

The location of the attack can be traced back to Fujian province in China, particularly cities like Putian and Fuzhou.

The complexity of this scam is evident from its longevity, stretching back to at least 2015. Researchers’ data analysis reveals that over 1 million orders were processed in the last three years alone, with a potential financial impact of up to €50 million (£43 million).

While many of these fraudulent shops have been abandoned, more than 22,500 remain operational and continue to lure consumers in.

A group of developers working in a franchise-like model are responsible for systematically creating and launching deceptive tactics. Their infrastructure allows for quick deployment and operation, and records indicate that at least 210 users have been involved since 2015.

They designed a system that can create and launch misleading websites with some level of automation. Researchers accessed the payroll data of these developers and discovered that they were hired as data harvesters. These individuals were receiving regular salaries through Chinese banks. Their employment contracts have strict conditions with a performance score determining their organisational advancement. Even taking a day off due to medical or other emergencies can reduce their salaries.

Europeans gave the maximum data to scammers followed by the Americans and Australians. | Souce: Security Research Labs

On further investigation, a Chinese company named Fuzhou Zhongqing Network Technology Co Ltd. came to light, although researchers were unable to link this company to the ongoing campaign.

This network was revealed through Security Research Labs (SR Labs), a German cybersecurity consultancy that exposed its tactics of credit card harvesting and fraudulent transactions.

The repercussions of this scam extend beyond monetary losses. Victims recounted their experiences of being drawn in by enticing offers only to discover later that they had fallen prey to a scam.

The network’s sophisticated approach includes using expired domains to host fake shops, meticulous testing to avoid detection, and a system that allows multiple users to access and operate the network, indicating a highly organised operation. Analysts such as Jake Moore from ESET believe that the Chinese government might have access to all the data.

“The bigger picture is that one must assume the Chinese government may have potential access to the data,” Jake Moore told The Guardian.

In the News: Google moves search results count under the ‘tools’ menu

Kumar Hemant

Kumar Hemant

Deputy Editor at Candid.Technology. Hemant writes at the intersection of tech and culture and has a keen interest in science, social issues and international relations. You can contact him here: