Attackers often target customers of online stores as victims. The most common schemes today are two that attempt to steal money from users making purchases on the Internet, according to Ashot Oganesyan, founder of the data leak intelligence service DLBI.
According to him, the most common deception scheme is the falsification of delivery forms - links to them are usually distributed by scammers posing as sellers through chat rooms of online stores and instant messengers.
“Entering card data into a form on a fake website leads to attempts to withdraw funds from it, and fraudsters using social engineering methods try to obtain SMS authorization codes,” Oganesyan explained.
The second common scam scenario is related to refunds. The seller lists the item at a favorable price, removes the item from stock after ordering, and offers the buyer a link to a fake refund form. The buyer fills out the form and loses money.
“What works against the buyer in this case is the desire to urgently return funds already debited from the card and make a second purchase, as well as the expectation that the card details entered on the phishing page may actually be required to return funds to it,” Oganesyan noted.
According to him, the first scheme is more common on sites with private online advertisements, while the second is common on large marketplaces.
It should be noted that the scheme using a fake delivery form is quite actively used today in Armenia, however, against people selling goods online: scammers contact them and say that they want to buy the goods, but they will need delivery to another city. They ask the merchant to enter information, including their card, into a fake delivery form, which actually helps scammers steal money from the merchant's card.
To avoid falling into the trap, Oganesyan advises to remember that on marketplaces all transactions with money are carried out between the marketplace and the buyer, and you should only use your personal account to manage transactions. It also warns that any links received from sellers or other people may be a sign of fraud, even if they look like a marketplace address.