China-Linked Hackers Target Shoppers with Fake Retail Sites in Global Scam

A vast phishing campaign believed to originate from China is tricking online shoppers into handing over their credit card details via thousands of fake websites impersonating luxury and high-street brands.

 

Cybersecurity firm Silent Push uncovered the operation after an initial tip-off from Mexican journalist Ignacio Gómez Villaseñor, who spotted suspicious activity during Mexico’s national sales week in May. What appeared to be a localised scam turned out to be a much broader network targeting shoppers in multiple countries, particularly English and Spanish speakers.

 

The counterfeit sites mimic the look and feel of legitimate brands including Apple, PayPal, Hermes, Michael Kors, and Nordstrom. Some even use scraped product listings and real payment widgets, like Google Pay, to appear authentic. But any information entered is harvested by attackers — and no products are delivered.

 

One spoofed Guitar Center site bizarrely offered children’s accessories instead of musical instruments, raising red flags. But many others are near-perfect replicas that fool even savvy shoppers.

 

Although no specific hacking group has been formally named, forensic evidence points to operators in China, based on code fragments containing Chinese-language terms.

 

Silent Push says the infrastructure behind the campaign remains extensive, with thousands of domains still live despite efforts by hosting companies to dismantle the network. The full scale of the financial impact remains unknown.

 

This campaign follows a broader trend of retail-themed cyberattacks. Recent victims include Victoria’s Secret, Cartier, Adidas, and Dior — all of which have reported breaches or service disruptions linked to cyber incidents.

 

Security experts warn that these scams often rely on manipulated search rankings and convincing web design to lure victims. Shoppers are advised to double-check URLs, avoid unfamiliar online stores, and use secure payment methods wherever possible.