Bitdefender researchers have uncovered a surge in subscription scams, both in scale and sophistication, spurred by a massive campaign involving hundreds of fraudulent websites.

• Incredibly convincing websites, selling everything from shoes and clothes to diverse electronics, are tricking people into paying monthly subscriptions and willingly give away credit card data.
• Many of the websites are linked to a single address in Cyprus, likely home to an offshore company.
• The scam encompassed more than 200 different websites, including many that are still up and running.
• Criminals create Facebook pages and take out full ads to promote the already classic "mystery box" scam and other variants.
• The "mystery box" scam has evolved and now includes almost hidden recurring payments, alongside links to websites to various shops.
• Facebook is used as the main platform for these new and enhanced mystery box scams
• Content creators are being impersonated to promote mystery boxes or fraudster create new pages that look a lot like the originals.