Scams involving counterfeit websites that appear to be legit are on the rise

A threat intelligence platform has found that there are more scams involving counterfeit websites that appear to be legitimate e-commerce sites.
A threat intelligence platform has found that there are more scams involving counterfeit websites that appear to be legitimate e-commerce sites.
Image: 123RF

With Black Friday and the festive season approaching, consumers are being warned to exercise caution as there are more scams emerging involving counterfeit websites that appear to be legitimate e-commerce sites.

“We say 'appear to be' because to the untrained eye these sites may look safe, but if you aren’t paying attention, they can steal your payment (and possibly payment information) via a purchase you thought was legitimate,” said FortiGuard Labs, a threat intelligence platform.

The organisation said fake e-commerce sites cover a range of products to lure potential buyers.

“We recently came across a live, active scam that leverages the look and feel of the world’s largest companies and their respective trademarks to compel and lure victims into making purchases from their site.

“These sites are in no way affiliated with the trademark/IP owner, and are recognisable in part because they use the same template over and over in a digital game of whack-a-mole (meaning that as soon as one site gets shut down another one immediately pops up somewhere else),” FortiGuard Labs said.

Several of the high-profile brands it has documented include:

  • Blink (Amazon)
  • Oculus (Facebook)
  • Shimano

Other well-known brand names infringed include:

  • Coleman (camping gear)
  • Ninja (home appliances)
  • Nu Wave (home appliances)
  • Ryobi (power tools)
  • Makita (power tools)

Websites that have since been taken down are:

  • Keurig
  • Nespresso

The organisation said websites it had observed had the following characteristics in common:

  • The domain names have been registered for only a few days to a few months
  • All sites are registered with the same registrar
  • They use .TOP and .SHOP top-level domains (.com is also common)
  • They use stolen imagery
  • They contain numerous grammatical errors and inconsistencies in statements
  • Social media buttons do not resolve anywhere or go to accounts that either do not exist or have been deleted
  • Their web hosting providers use content delivery networks (CDNs) to remain anonymous (via an IP address that cannot be traced).

TimesLIVE

Would you like to comment on this article or view other readers' comments? Register (it’s quick and free) or sign in now.

Speech Bubbles

Please read our Comment Policy before commenting.