In 2023, security experts observed a notable rise in phishing campaigns aimed at retail businesses, with a particular focus on private sellers operating on online marketplaces. Industry stakeholders from Solar AURA, a digital threat monitoring center within the Solar group of companies, have highlighted how these attacks are evolving and what they mean for sellers across North America. This shift places marketplace sellers squarely in the crosshairs, as fraudsters seek to exploit trusted platforms to harvest credentials and access sensitive information.
Solar AURA’s threat intelligence indicates that roughly 7,000 phishing sources were identified in 2023. The most prominent category, accounting for about 17.4 percent of incidents, involved sites imitating online stores. What stands out is that many of these counterfeit pages target the sellers themselves rather than the buyers, aiming to capture seller account credentials, payment details, and business information that could be used to drain funds or disrupt storefront operations. The emphasis on seller-targeted scams underscores a broader shift in the phishing landscape where impersonation and social engineering are tailored to the ecosystem of marketplaces that pair merchants with customers.
Since mid-last year, there has been a noticeable surge in fake sites designed to gain unauthorized access to seller accounts on major trading platforms. Security analysts warn that this trend is likely to persist into 2024, with new fraud pages appearing daily. For Canadian and U.S. sellers, the implication is clear: ongoing vigilance is essential as attackers refine methods to bypass platform protections, harvest access tokens, and harvest control over storefronts. Continuous monitoring, multi-factor authentication, and platform-specific security settings become critical defenses in a landscape where speed and convenience can collide with risk.
Within the financial domain, the credit and finance sector ranked second in the volume of phishing sources. In 2023, attackers shifted focus from merely grabbing bank card data to compromising a bank customer’s personal account. This pivot aligns with a broader aim to gain entry to broader financial profiles, enabling fraudsters to conduct more damaging operations. In addition, 8 percent of detected phishing sites in the banking sector served to distribute malware, including remote administration tools that masquerade as legitimate bank technical support applications. The use of such tools highlights a growing trend where cybercriminals blend credential theft with remote access exploits, amplifying the potential impact on individuals and small businesses.
Fraud prevention experts note that these tactics have extended into the world of telephone scams, where attackers leverage compromised seller accounts and platform data to impersonate legitimate support channels. The evolving attack surface requires sellers to adopt layered defenses, including routine verification of communications, careful scrutiny of any requests for access or payment changes, and the implementation of security best practices that limit exposure without sacrificing operational efficiency.
Experts also caution that a significant portion of interference begins with social engineering that exploits trust in familiar online marketplaces. Sellers are urged to remain vigilant against unsolicited messages, suspicious login prompts, and unusual requests for account actions. The goal is not merely to block a single intrusion but to disrupt the entire chain of compromise, from phishing pages to unauthorized access and misuse of platform features. In this environment, proactive defense and ongoing education are essential for maintaining a secure selling operation across North American markets. marked citations: Solar AURA threat intelligence team, 2023 phishing source analysis, and ongoing risk assessments from security researchers.