A report by Netcraft, a global fraud protection solutions company, has revealed that fraudsters have been flooding the internet with fake online stores leading to a 135% increase at the end of October 2023.
During Black Friday and Cyber Monday, many authentic websites offer huge discounts on real products, which makes it easier for cybercriminals to exploit trusting shoppers.
According to the report, while claiming to offer highly discounted goods, the fake online shops either impersonate the websites of luxury brands and established retailers or operate across multiple brands.
It added that the websites are often a front to capture payment details and other sensitive information. The details shoppers submit can be used directly or sold to other cybercriminals.
Black Friday is a colloquial term for the Friday after Thanksgiving in the United States. It traditionally marks the start of the Christmas shopping season in the United States. It has, however, become a global event as several stores in Nigeria also observe it every year with announcements of discounts on their products.
Staggering increase
Analysing its findings, Netcraft said:
“As of the end of October 2023, Netcraft’s research has identified a staggering 135% increase in fake retail sites blocked compared to October last year, on top of an increase of 63% over October the previous year, conveying that the annual increase more than doubled in the last 12 months over already alarming growth.”
“These fake retail sites include copies of the spoofed site’s authentic logos, trademarks, and products to make the scam more convincing, but that’s not the only technique cybercriminals use. They also host fake retail sites on deceptive domains. This typically involves registering a domain name that is deceptively similar to another (usually well-known) organization. Once again, the aim is to trick users into believing they are interacting with a trustworthy website,” it added.
How to spot fake online stores
The Netcraft report offers some insights into how shoppers can avoid falling victim. According to the company, the questions to ask include:
“Are the prices too good to be true? Fake shops often offer extreme 50% to 95% discounts, showing an imaginary old (possibly inflated) price struck out. This can be a very good signal for brands that rarely offer legitimate discounts.
“Does the shop provide contact details in terms of a geographic location or a phone number? The absence of these is a clear indicator of malicious intent, as is the presence of generic and templated content in the ‘about us’ section, which often includes text that could be used for any organisation.
“How is the site promoted? Fake shops will often include social media icons, but they either won’t contain links or will link to a fraudulent profile.
“How professional is the page design? Fake retail sites rarely duplicate the brand exactly; they usually insert a well-known logo into a predesigned template of the cybercriminal’s choosing. Another indicator is ‘brand mismatching,’ where (for example) a fake shop that’s supposed to be selling electrical goods includes Nike logos.
“Does the site have a questionable domain? Fake retail sites frequently use domain names that are deceptively similar to well-known brands, which could be a common mis-spelling, the addition of geo-based attributes [such as vionicskonorge.com], or an attempt at deception by adding a phrase such as a sale or ‘discount’ to a legitimate brand.”
Online shopping is reported to account for 5.7 trillion dollars spent in 2022. During the same period, cybercriminals and other threat actors committed nearly 41 billion dollars of fraud.