A sophisticated credit card scam sweeping across the United States has cybersecurity experts warning consumers to exercise extreme caution when shopping online.

According to the Daily Mail, thousands of fake retail websites are actively stealing payment information from unsuspecting shoppers.

The widespread fraud operation, largely run by organized criminal groups based in China, has created countless counterfeit storefronts mimicking major brands like PayPal, Apple, Wayfair, and other popular retailers. These scam sites use sophisticated tactics to appear legitimate, often appearing at the top of Google search results.

Professional Hackers Target Major Retailers

The cybercriminal networks have meticulously copied images, layouts and text from legitimate company websites to create convincing fakes. Their fraudulent sites frequently swap just one letter in the web address to fool consumers, while displaying familiar payment logos to build false trust.

Silent Push cybersecurity experts uncovered thousands of domains impersonating payment processors and retail brands as part of this expansive criminal campaign. Many of the fake sites pressure shoppers with artificial "limited-time" deals and countdown timers to rush purchases.

Mexican journalist Ignacio Gómez Villaseñor first detected the scam targeting Mexico's "Hot Sale 2025" event, leading analysts to discover Chinese-language code and templates reused across numerous fraudulent domains. This revealed the operation's likely origin and scale.

Rising Losses Prompt FBI Warning

The Federal Bureau of Investigation reports Americans lost $16.6 billion to internet scams in 2024, representing a 33% increase from the previous year. The agency received nearly 860,000 complaints, dramatically higher than the early 2000s average of 2,000 monthly reports.

The scammers rely heavily on "SEO poisoning" to manipulate search rankings and direct more traffic to their fake sites. Common target searches include terms like "Wrangler jeans" and "discount handbags."

Silent Push analysts found numerous suspicious domains like harborfrieght.shop (misspelling Harbor Freight) operating under this criminal network. The fraudulent sites frequently employ cloned checkout systems to capture payment details.

Protecting Consumer Payment Information

Cybersecurity experts advise carefully checking web addresses to ensure they belong to legitimate brands. Basic security indicators like "HTTPS" in the URL can help identify secure sites that encrypt payment data.

The FBI urges consumers to avoid paying with gift cards or wire transfers when shopping online. The agency also recommends thoroughly verifying seller reviews and website authenticity before entering any payment information.

Despite efforts to shut down these fraudulent domains, thousands remain active as of June 2025. Traditional takedown methods struggle to keep pace with the volume of new scam sites appearing weekly.

Why This Story Matters

This sweeping fraud operation highlights the growing threat of digital scams in everyday commerce. The stealing of payment data doesn’t just harm individuals—it affects national trust in e-commerce and public safety.

It also exposes vulnerabilities in online advertising and search platforms that should be more proactive in screening out fake retailers. Educating the public can help reduce the success rate of these cons and encourage more robust protective measures across the tech industry. Ultimately, the fight against internet crime requires not just awareness but accountability from all digital platforms distributing these damaging content links.

As of June 2025, thousands of scam domains mimicking popular brands like PayPal, Apple, and Wayfair are still active across the web, largely operated by China-linked networks skilled in SEO and social engineering. These criminals use deceptive visuals, false payment options, and misleading ads to make their phony offers look real—especially during busy shopping periods. Despite rising reports and FBI warnings, the scam continues to claim new victims daily, prompting cybersecurity experts to push for greater consumer education and rapid domain takedowns.