Cybersecurity firm Silent Push has unveiled a significant phishing scam originating from China, which has resulted in the creation of thousands of fake e-commerce websites designed to deceive online consumers. These fraudulent sites closely mimic reputable brands, aiming to capture sensitive financial information from both English and Spanish-speaking individuals around the globe. This investigation sheds light on a deepening trend of online fraud that has escalated in recent months, particularly with major sales events approaching.
The investigation began following a crucial tip from Mexican journalist Ignacio Gómez Villaseñor, whose May 26, 2025, post on X/Twitter highlighted a concerning target during the Hot Sale 2025 period—a prominent annual sales event in Mexico akin to Black Friday in the United States. This event, which took place from May 26 to June 3, 2025, is sponsored by the Asociación Mexicana de Ventas Online (AMVO) and has become a prime opportunity for unscrupulous scammers to exploit vulnerable shoppers.
Silent Push’s research, shared with Hackread.com ahead of its publication, reveals that the scammers have ingeniously crafted convincing replicas of popular retail websites, including brands like Apple, Michael Kors, and Wayfair. While these sham sites appear to conduct transactions, they deceptively capture credit card details without processing legitimate purchases. In an alarming finding from tests conducted by Publimetro México, it was noted that entering false payment data made the sites simulate payment processing, displaying timers and logos from established payment services.
Additional investigations highlighted that even platforms like Google Pay, known for their robust security measures, are being exploited by these criminals who manipulate their systems to avoid delivering any purchased goods. As of June 2025, numerous fraudulent domains still thrive online despite efforts to take down some of these websites. Silent Push has expressed high confidence in identifying the Chinese origin of this expansive network, fueled by technical fingerprints found within the scam’s operators. Consumers are being urged to exercise vigilance when shopping online as this complex phishing campaign continues to pose a serious threat.