Cyber Security News

New Subscription-Based Scams Attacking Users to Steal Credit Card Data

A sophisticated wave of subscription-based scams is sweeping across the internet, specifically designed to steal credit card information from unsuspecting users.

These fraudulent operations have evolved beyond simple phishing attempts, now employing complex psychological tactics and convincing digital storefronts to lure victims.

The scams masquerade as legitimate e-commerce sites selling everything from clothing and electronics to beauty products, but with a dangerous hidden agenda.

Unlike traditional scams that aim for a one-time payment, these new subscription-based fraud schemes are designed to extract recurring payments from victims.

They typically begin with an enticing offer – a heavily discounted product or a “mystery box” containing supposedly valuable items for just a few dollars.

However, buried in fine print during the checkout process is the real trap: an agreement to recurring subscription charges that can amount to significant sums every two weeks.

Bitdefender researchers have identified more than 200 fraudulent websites participating in this campaign, with many still actively operating as of April 2025.

What distinguishes these scams is the substantial investment cybercriminals have made in building convincing fake storefronts that get past the skepticism of increasingly cautious consumers.

Fake storefronts (Source – BitDefender)

“As people grow more cautious and cyber-aware, scammers are stepping up their game,” note Bitdefender analysts in their recent report.

“They have already begun crafting more complex and convincing schemes to bypass skepticism and lure victims into handing over sensitive information, especially credit card data.”

Harvesting card details (Source – BitDefender)

The scammers heavily leverage social media platforms, particularly Facebook, where they deploy targeted advertisements impersonating legitimate brands or content creators.

Many of these fake advertisements direct users to websites with professionally designed interfaces and seemingly legitimate product offerings.

The Subscription Deception Mechanism

The true innovation in these scams lies in their subscription mechanism. When users reach the payment page, they’re often already convinced of the legitimacy of the offer.

At this vulnerable moment, the scammers introduce a second layer of fraud – a membership subscription disguised as a benefit.

For example, one site advertises: “Buy at member price and get FREE access to the best prices in Europe with an account top-up of 44.00 EUR/every 14 days. Skip or shop the top-up.” This text is typically displayed in a tiny font that many users overlook when completing their purchase.

The subscription models vary across websites but follow a similar pattern – they offer tiers with supposed perks like “first priority on new arrivals” or “huge discounts on all items.”

These memberships often use a credit system to further confuse users about the actual monetary value being charged to their cards.
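The fine-print pattern quoted above can be checked for mechanically. The following is an added example, not code from Bitdefender or from this article: it pulls recurring-charge disclosures out of checkout text and flags any that exceed the advertised one-off price. The function names, the 2.95 EUR advertised price and the sample checkout text are constructed assumptions, and the pattern only covers wording of the form "amount currency/every N units".

```python
import re
from dataclasses import dataclass

UNIT_DAYS = {"day": 1, "week": 7, "month": 30, "year": 365}  # approximate periods

# Matches "<amount> <currency>[/]every [<n>] <unit>", e.g. "44.00 EUR/every 14 days".
RECURRING = re.compile(
    r"(?P<amount>\d+(?:[.,]\d{1,2})?)\s*(?P<cur>EUR|USD|GBP|€|\$|£)"
    r"\s*/?\s*every\s+(?P<n>\d+)?\s*(?P<unit>day|week|month|year)s?\b",
    re.IGNORECASE,
)

@dataclass
class RecurringCharge:
    amount: float
    currency: str
    period_days: int

    @property
    def yearly_cost(self) -> float:
        return round(self.amount * 365 / self.period_days, 2)

def find_recurring_charges(checkout_text: str) -> list:
    """Extract recurring-charge disclosures from visible checkout text."""
    text = " ".join(checkout_text.split())  # fine print is often split across lines
    charges = []
    for m in RECURRING.finditer(text):
        days = int(m.group("n") or 1) * UNIT_DAYS[m.group("unit").lower()]
        if days == 0:  # "every 0 days" is malformed; skip rather than divide by zero
            continue
        amount = float(m.group("amount").replace(",", "."))
        charges.append(RecurringCharge(amount, m.group("cur").upper(), days))
    return charges

def assess_checkout(checkout_text: str, advertised_price: float) -> list:
    """Warn when a disclosed recurring charge is larger than the advertised price."""
    return [
        f"{c.amount:.2f} {c.currency} every {c.period_days} days "
        f"(~{c.yearly_cost:.2f}/year) vs advertised {advertised_price:.2f}"
        for c in find_recurring_charges(checkout_text)
        if c.amount > advertised_price
    ]

# Constructed sample: advertised price is invented; the fine print is the text quoted above.
SAMPLE_CHECKOUT = """Mystery box: 2.95 EUR.
Buy at member price and get FREE access to the best prices in Europe with an
account top-up of 44.00 EUR/every 14 days. Skip or shop the top-up."""

if __name__ == "__main__":
    for warning in assess_checkout(SAMPLE_CHECKOUT, advertised_price=2.95):
        print("Hidden recurring charge:", warning)
```

A check like this only sees disclosures that are present as text; terms rendered inside images or loaded after page render would need OCR or a rendered DOM snapshot.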

Most concerning is that many of these scam websites share similar design elements and registration information pointing to Cyprus, suggesting a coordinated campaign by organized cybercriminals specifically targeting users’ credit card data through these deceptive recurring payment schemes.


Tushar Subhra Dutta
