Thousands of imposter websites discovered mimicking top brands to steal your banking info

Thousands of imposter websites discovered mimicking top brands to steal your banking info

Make sure you're not getting fooled by these scammers

by Kurt Knutsson

A newly published report from the automated brand protection firm Bolster has discovered a campaign that has been active since June 2022 and whose mission is to steal people’s banking and credit card data by impersonating more than one hundred popular clothing, footwear, and apparel brands. Some of these brands include Nike, Adidas, Puma, Skechers, New Balance, Timberland, Reebok, Vans, The North Face, Fossil, Guess, Kate Spade, Casio, and more.

Credit: Bolster

 

How do these scammers impersonate such popular brands?

Researchers found that the way scammers have been working by creating fake websites that look like they legitimately belong to the popular brand they are impersonating. The campaign has previously registered at least 3,000 domains and around 6,000 sites to trick shoppers.

The scammers disguise the websites to look similar to a company’s actual website and will make the fake website URL look legit as well by combining the brand’s name with a city or country and following it up with a generic top-level domain (TLD) like “.com”.

For example, one website that has been proven to be fake was “www.puma-italia.com”, which was a website run by scammers to make online shoppers in Italy believe that they were shopping on the Italian version of Puma’s online store.

1-FAKE PUMA ITALY WEBSITE

Credit: puma-italia.com

 

MORE: TIPS TO HELP YOU TELL IF AN ONLINE STORE IS REAL OR A SCAM

 

How does the scam play out?

When a person searches for the brand name, these impersonation sites appear as the second or third result on popular search engines like Google.  Then, once the scammers trick a shopper into buying a product on the fake website, the shopper will either never receive any item at all, or they’ll receive a knockoff brand item that they didn’t pay for.

The real issue is that these scammers now have the shopper’s name, credit card information, shipping address, and email address, and they can do whatever they please with this information.

 

FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE  

 

What do the scammers do with the information they steal?

Some might simply use the credit card number to start buying whatever they want, while others might take things a step further and steal a shopper’s identity and commit various acts of fraud.

 

How have scammers gotten away with this for so long?

The reason why these scammers have gotten away with creating these fake websites for so long is that they have been using a technique known as domain aging. What that means is that a scammer will make a website specifically intended to be used for scamming and then have it remain inactive, allowing a domain to age for up to 2 years before using it for any attacks.

The reason for this is that search engines tend to view older domains as more trustworthy and authoritative compared to newly registered ones. What this also does, in some cases, is greatly increase their rank to the second or third result in Google searches for many brand-related keywords. Here’s an example of this with Clarks:

 

MORE: ‘PIG BUTCHERING’ SCAMS: WHAT TO KNOW ABOUT THE ONLINE SCHEMES AND HOW TO AVOID THEM

 

How can I protect myself from these fake sites?

There are a few key things you should be thinking about any time that you are shopping for something online. Here are some of my tips.

3-WOMAN FRUSTRATED AT COMPUTER

Beware of big discounts

If you’re shopping for a specific brand and you know that this brand is typically on the pricier side, yet you see products claiming to be from that brand with massive discounts, then you should be cautious. This can be difficult to catch, especially when you’re on a website that looks so close to the real thing, so it’s best to check multiple sites where these products might be for sale and compare prices where you can.

Check the URL

As mentioned before, this specific campaign is known to use the brand name combined with a city or country to make a URL name. If you visit any sites with this format, it could be a scam.

You should also be making sure that every site you visit begins https:// instead of http://, as this will guarantee that extra layer of security when you’re browsing online. HTTPS uses encryption to secure the communication between your browser and the website, protecting the integrity and confidentiality of the data transmitted. This encryption makes it more difficult for attackers to intercept or manipulate the information you exchange with the website.

It’s important to note that while HTTPS helps protect your communication with the website, it doesn’t guarantee that the website itself is trustworthy or free from other security vulnerabilities.

Beware of sponsored Google links

Try your best to avoid clicking any links that come up under Sponsored when doing a Google search. Hackers have found ways to make their fake websites appear at the top of people’s Google searches so that they click on those first, so just be cautious before clicking on any search results.

Keep antivirus software turned on and active

Having antivirus software on your devices will make sure you are stopped from clicking on any potential malicious links which may install malware on your devices, allowing hackers to gain access to your personal information.

Special Deal for CyberGuy Readers:  My #1 pick is TotalAV, and you can get a limited-time deal for CyberGuy readers: $19 your first year (80% off) for the TotalAV Antivirus Pro package.  

Find my review of Best Antivirus Protection here

Best Antivirus Protection 2024

 

Kurt’s key takeaways

There’s always at least a slight risk when you’re shopping for something online, especially now that scammers are finding more and more nefarious ways to trick people into handing over their information. Make sure you’re staying alert and not giving your information away to just anyone. Scammers try to prey on people who don’t pay close attention to details, so as long as you follow my tips, use your judgment, and proceed with caution, you should be ok to shop for what you need online.

 

What more do you think these big brands could be doing to raise awareness about scammers trying to impersonate them? Have you ever fallen for one of these fake site scams? Let us know by commenting below.

FOR MORE OF MY SECURITY ALERTS, SUBSCRIBE TO MY FREE CYBERGUY REPORT NEWSLETTER HERE

Related:

 

Copyright 2024 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.


   

19 comments

Lynn Chapman June 30, 2023 - 4:49 pm

I am enjoying all your iPhone tips. I get scammers all the time. Recently I ordered something from a website called doctor kitchen shop. Ididnt get what I ordered but did get some cheap kitchen containers. I was charged $140

Reply

Leave a Comment

GET MY FREE CYBERGUY REPORT
Subscribe to receive my latest Tech news, security alerts, tips and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.

Tips to avoid our newsletters going to your junk folder