While “tens of millions of dollars” were stolen from “hundreds of thousands” of internet users, a serious warning was sent to billions of users of the most popular internet browsers. Google has removed well-known websites from search results, but this will not eliminate links elsewhere, on social media and messaging platforms. It is critical that all users know what to look for. Put very simply, you should not use these websites.

Satori of Human Security researchers warn that threat actors “infect legitimate websites with a malicious payload, redirecting traffic to fake web stores.” This payload creates fake product listings and adds metadata that places these fake listings near the top of search engine rankings for the items, making them a tempting proposition for an unsuspecting consumer. “When a consumer clicks on the product link, they are redirected to another website, which is controlled by the threat actor.”

ForbesNew Microsoft Windows Password Alert—U.S. Government Says Stop Doing This NowWith Zak Doffman

On the dodgy website, users will be redirected to a legitimate payment processing platform to purchase the product of their choice. Of course, that product would never arrive, but the money would definitely be taken. While many consumers can be protected from the ultimate financial cost through credit card chargebacks, this is never guaranteed until a claim is investigated.

In the most recently announced campaign, bad actors “infected more than 1,000 websites to create and promote fake product listings and built 121 fake web stores to deceive consumers… losses of tens of millions of dollars, including hundreds of thousands, are estimated over the past five years.” “The consumer was victimized.”

So, what can you do to prevent your money from disappearing into a black hole:

1. If product deals that seem too good to be true are often offered at below market prices, do not proceed unless you have verified the site.
2. Check consistency between website names and the names that appear in pop-ups, payment processing windows, and the URL. This particular campaign infected legitimate websites and was then redirected elsewhere
3. Does the ordering process appear completely legitimate? For example, does it have autofill address details, does it check the quality of the data you enter?
4. If this is a website you haven’t used before, check the reviews carefully; Be aware that these may be fake and look for known website reviews of the site.
5. Can you find the product on a well-known site, even if it is more expensive?

Dubbed “phishing and ships” by the research team, the campaign involved a number of sophisticated touches such as metadata that would push to the top of search results, although Google removed those known to be fake. In this case, when legitimate websites are infected, users are initially lulled into a false sense of security, but a redirect to a fake web store is when alarm bells should start ringing.

You can find a list of all known fake websites hereDespite known threats, some of them remain active, according to this latest report.

ForbesWhy Should You Buy a New Microsoft Windows PC in 2025?With Zak Doffman

“This operation underscores the relationship between the digital advertising ecosystem and fraud,” says Satori. “If it weren’t for fake organic and sponsored product listings staged by threat actors, there would be no traffic to fake web stores and therefore no fraud. “One of the key takeaways from Phish ‘n’ Ships is that digital advertising can be dangerous and consumers need to be careful when taking the next step in the digital journey.”

Users of all major browsers fall victim to such attacks. The research team warns that although Google has “partially thwarted” the takedown threat, “Phish ‘n’ Ships remains an active threat.” “Threat actors are unlikely to pull the plug on their business without trying to find a new way to continue their scams.”