Non-existent stores and fictitious sales – how not to get caught in the trap of fake e-commerce

Fake online stores, fake promotions and alleged liquidations of companies with a long tradition – this is an increasingly common way of operating by criminals who use automation, social media and tools based on artificial intelligence. In 2024, CERT Polska received over 600 thousand reports of cybersecurity incidents— 62 % more than the year before — of which nearly 98 thousand were related to computer fraud. Many referred to stores that never existed or were only used for phishing. This shows that the problem of fake e-commerce is not only intensifying but also becoming a key area of threat in online commerce in the era of AI development.

The fraudsters’ scheme is based on publishing moving stories to persuade people to buy, often under the pretext of “closing the store after 29 years of operation” or “selling warehouse tips at cost”. There is no real entity under the ad, and the website disappears after a few days, giving way to new, automatically generated ones.

Attacks are becoming increasingly difficult to detect. Criminals use ready-made templates to build stores, impersonate well-known brands, and use sponsored ads and search engine positioning.

“Thanks to AI, fraudsters work faster, on a larger scale and with a much lower risk of detection. Creating a fake store with realistic content is possible even within several dozen minutes. Product descriptions, regulations, reviews – everything can be artificially generated. That is why it is so vital for customers to learn to recognise characteristic signs of irregularities, e.g. language errors, strange redirects, unusual URLs or lack of contact details” – says Michał Tomaszewski, CISO, head of the Security Team at Exorigo-Upos.

Huge scale of phishing in Poland

Last year, 305,000 fake domains were blocked¹. Brand phishing, i.e., impersonating well-known stores by creating almost visually identical pages or addresses, also remains a challenge. It isn’t easy to detect without specialised tools for monitoring domains and analysing the external environment.

“Cybercriminals do not focus on specific industries, but choose economically attractive and poorly secured enterprises. If a company generates high revenue, but does not invest in security – it becomes an easy target. When the security is robust and access to data would require a lot of time or expenditure, fraudsters move on,” emphasises Michał Tomaszewski.

How can you recognise a fake store and not be deceived?

Recognising fake stores and sales requires mindfulness and a critical approach to the offer. It is worth paying attention to the website address itself – it often contains minor typos, unusual domain extensions (e.g. instead of .pl appears .store or .top) or lack of available WHOIS data, which may indicate an anonymous, one-time registration. An additional clue is the lack of transparent information about the return policy, purchase terms and conditions or seller details.

Attention should also be paid to the content itself – repetitive product descriptions, grammatical errors or information not matching the offer may suggest that they were generated automatically. An equally important warning sign is the limited choice of payment methods – especially if there are no reputable operators, such as PayU or Przelewy24, and only the prepayment option is available. Finally, empty tabs, broken subpages and links leading to other websites without a connection to the brand are also suspicious. Users can effectively avoid the most common e-commerce pitfalls by verifying these elements and exercising caution.

“For online sellers, the best form of protection is a multi-layered approach to security. Legitimate stores implement SSL certificates, two-factor authentication mechanisms, WAF systems, network traffic monitoring, and penetration testing. They are also increasingly investing in permanent security services – Security Operations Centre – which analyses anomalies and reacts to them in real time. But no technology can replace the basic caution of the user,” says Tomaszewski.

Transparency in e-commerce

An article published in Behavioural Public Policy² shows that increased transparency in seller information and user ratings directly impacts customer trust and purchasing decisions. Creating a publicly available database of certified online stores can be considered in this context.

“Such a list could inspire trust, but it will not eliminate the phenomenon of typosquatting, nor will it protect against phishing campaigns. It could also make it more difficult for new, smaller entities to enter the market. Systemic actions are needed: quick and consistent response of CERT teams, sharing knowledge within the industry and developing tools for reporting suspicious sites,” concludes Michał Tomaszewski.

Fake online stores are one of the most serious challenges for the entire e-commerce market today. Consumer education plays a key role here: Awareness of what to look out for and how to react to suspicious situations can realistically reduce the scale of losses. Today, online shops—regardless of size—must not only take care of their IT infrastructure but also actively build trust and respond to new attack techniques.

[1] https://cert.orange.pl/wp-content/uploads/2025/04/Raport_CERT_Orange_Polska_2024.pdf

[2] https://www.cambridge.org/core/journals/behavioural-public-policy/article/impact-of-online-platform-transparency-of-information-on-consumers-choices/1D7F0662612755FE18E9694DA9E95BF3