Chinese 'Darcula' Phishing Network Exploits Fake DHL Messages, Targets 900,000 Victims Worldwide
May 4, 2025
Victims have reported significant financial losses, with some victims' stolen card details being added to digital wallets such as Apple Pay and Google Pay and then used for repeated unauthorized transactions.
'Magic Cat' is marketed as a software-as-a-service for several hundred US dollars per week, making it accessible for criminals looking to create fake websites.
A recent investigation has uncovered a phishing network from China responsible for a surge of fraudulent messages targeting thousands of individuals in Germany.
This network, known as 'Darcula', employs fake DHL text messages to lure victims into providing sensitive credit card information on counterfeit websites.
At the center of this operation is a 24-year-old developer named Yucheng C., also known as 'Darcula', who created a software called 'Magic Cat' that facilitates the creation of convincing fake websites.
'Magic Cat' is capable of replicating the websites of over 130 organizations, particularly focusing on postal services, and allows real-time monitoring of victim data entry.
The software retains user information even if victims delete it after entering it, making it a powerful tool for scammers.
The phishing network reportedly spans about 130 countries and involves around 600 participants, with nearly 884,000 victims entering their credit card details over a seven-month period.
Reports indicate that approximately 900,000 victims globally may have exposed their credit card data between late 2023 and mid-2024, including over 20,000 victims from Germany alone.
Despite the scale of the fraud, the Federal Criminal Police Office of Germany (BKA) has not initiated a formal investigation into the Darcula network, citing challenges in international cooperation.
Researchers gained insight into the criminals' operational methods through seven months of access to internal chats and a Telegram group used by the scammers.
DHL has acknowledged the frequent impersonation of its website in these scams but declined to comment on specific cybersecurity inquiries.
Summary based on 3 sources
