RIO - Resilience in Online Retail

Katharina Kloiber | 31.03.2025

Get in Touch

As part of the RIO project, the Fake-Shop Detector (www.fakeshop.at) was significantly enhanced and established as a central prevention platform against online fraud. The platform now has over 10,000 daily users and provides risk assessments for over 1.8 million domains. The Detector protects against more than 20,000 known fake shops and contributes significantly to consumer safety with AI-based real-time protection against fraudulent online shops and an explainable and transparent risk assessment.

A central component of the research was the development of a scalable, modular platform architecture that integrates different data sources, processes them via a robust data pipeline and makes them available for various applications. The underlying AI was able to impress with an accuracy of 97.47% at the highest warning level. Through partnerships, such as with Watchlist Internet, the detection results were directly integrated into high-reach warning platforms, significantly increasing the social impact.

Another research focus was on expanding the detection logic. To this end, additional data points such as UID numbers, commercial register entries, imprint information and Google rankings were automatically collected and converted into an explainable evaluation logic. This was supplemented by semi-automatic crawlers that continuously monitor scam sources, thus ensuring data quality and timeliness. This semantically enriched data set enabled a well-founded evaluation of potential scam sites, which is available to both experts for quality assurance and end users for information.

In the area of mobile resilience, an app prototype for Android was developed and tested as part of a user experience study. At the same time, the browser plugin was comprehensively revised, including the addition of multilingualism and push notifications. Due to the increasing importance of mobile shopping, the existing shop check was also optimised for mobile devices and integrated into existing apps such as those of Watchlist Internet.

From a scientific perspective, extensive experiments on the clustering of fake shops were carried out as part of the project. Several AI methods such as K-Means, agglomerative clustering and HDBSCAN were applied to a data set of over 23,000 archived fake shops. In collaboration with Watchlist Internet, a ground truth was created for validation purposes. In addition, a proof of concept for detecting fraudulent crypto investment sites was implemented, whereby a separate archive of over 700 known fraud platforms was built up.

Accompanying studies – including an evaluation study with almost 500 participants and a dark field study on grey areas in online trading – confirmed the effectiveness and relevance of the tools developed. Based on real DNS traffic data, it was also possible for the first time to develop a model for estimating the financial damage caused by fake shops in Austria, which numbers the annual damage caused by fake shops with at least €7.85 million.

The project was accompanied by numerous dissemination activities, including prominent media reports, a comprehensive public dashboard, specialist lectures and awards. Among other things, the Fake Shop Detector was awarded the State Prize for Digitalisation, the Constantinus Award and the eAward, and was rated by AV-Comparatives as the most effective tool against fake shops among 35 international cyber security products – clear evidence of the high innovation and application value of the research results achieved in digital consumer protection.

The research work behind the Fake Shop Detector as part of the RIO project was funded by the KIRAS security research programme of the Federal Ministry of Finance and the Research Promotion Agency FFG.