Over 800,000 individuals in Europe and the United States have been deceived by a vast network of fraudulent online shops, which have stolen credit card details and other sensitive personal data. This network appears to be managed by fraudsters based in China.

An international investigation conducted by The Guardian, Die Zeit, and Le Monde has unveiled the mechanisms of this network, which the Chartered Trading Standards Institute in the United Kingdom described as one of the largest frauds of its kind, involving 76,000 fake websites.

Data analyzed by journalists and IT experts suggests that the operation is highly organized and technically skilled – and critically, it is still active. The developers have created tens of thousands of fake online shops offering discounted products from high-end brands like Dior, Nike, Lacoste, Hugo Boss, Versace, and Prada.

Published in multiple languages including English, German, French, Spanish, Swedish, and Italian, these websites are designed to lure buyers not only to spend their money but also to surrender their sensitive personal data. However, these sites have no affiliation with the brands they claim to sell, and most consumers have reported never receiving the products they ordered.

Since its inception in 2015, the network has processed over 1 million "orders" in the last three years alone, not all payments were successfully processed, but analysis indicates that the criminal network could have siphoned off up to €50 million during this period. Although many stores have been abandoned, a third of them—over 22,500—are still active.

It is estimated that nearly all of the 800,000 victims, primarily from Europe and the US, with 476,000 having surrendered their credit and debit card details, including their three-digit security numbers. They have also provided their names, phone numbers, and email addresses.

Katherine Hart from the Chartered Trading Standards Institute told The Guardian that this operation is "one of the biggest online frauds involving fake shops I have seen," adding that "these people often belong to serious and organized crime groups, so they collect data and might use it against their victims later, making consumers more susceptible to phishing attempts."

Jake Moore, a global cybersecurity advisor at software company ESET, told The Guardian, "Data is the new currency." He warned that such accumulation of personal data could also be valuable to foreign intelligence services for surveillance purposes.

The existence of the network of fake shops was revealed by Security Research Labs, a German cybersecurity consultancy, which obtained several gigabytes of data and shared it with Die Zeit.