The FBI says that an increasing number of victims are being directed to fraudulent websites via social media platforms and popular online search engines.

According to complaints received by the FBI, an increasing number of victims have not received items they purchased from websites offering low prices on items such as gym equipment, small appliances, tools and furniture. Victims reported they were led to these websites via ads on social media platforms or while searching for specific items on online search engines’ “shopping” pages. Victims purchased items from these websites because prices were consistently lower than those offered by other online retail stores. Complainants indicated the following:

• Disposable face masks shipped from China were received regardless of what was ordered.
• Payment was made using an online money transfer service.
• The retail websites provided valid but unassociated U.S. addresses and telephone numbers under a “Contact Us” link, misleading victims to believe the retailer was located within the U.S.
• Many of the websites used content copied from legitimate sites; in addition, the same unassociated addresses and telephone numbers were listed for multiple retailers.

Some victims who complained to the vendor about their shipments were offered partial reimbursement and told to keep the face masks as compensation. Others were told to return the items to China in order to be reimbursed, which would result in the victim paying high postage fees, or agree to a partial reimbursement of the product ordered without returning the items received. All attempts made by the victims to be fully reimbursed, or receive the actual items ordered, were unsuccessful.

Reported indicators of the fake websites included the following:

• Instead of .com, the fraudulent websites used the Internet top-level domains (TLD) “.club” and “.top.”
• Websites offered merchandise at significantly discounted prices.
• Uniform Resource Locator (URL) or web addresses were registered recently (within the last six months).
• Websites used content copied from legitimate sites and often shared the same contact information.
• The websites were advertised on social media.
• Criminal actors utilized a private domain registration service to avoid personal information being published in the Whois Public Internet Directory.