
Fake-Domain Trick Increases Online Holiday Shopping Cyber Threats

November 2019 by Check Point

Criminals are tricking shoppers into purchases on fake websites that impersonate big retailers as Black Friday and Cyber Monday fast approach

Key Findings:

- Links to phishing websites are distributed via email promotions, slipping through undetected amid a myriad of legitimate discount offers.

- Number of e-commerce related phishing websites accessed during the online shopping season has more than doubled since November 2018.

- More than 1,700 domains which look similar to the domain have been registered in the past 6 months

- Researchers find fake Ray Ban sunglasses website as example

Online phishing URLs jump 233% in past 12 months

Black Friday and Cyber Monday are around the corner. Adobe Insights predicts consumers will spend $9.4B on Cyber Monday in the US. As the shopping holidays fast approach, Check Point researchers noticed something startling: online shopping phishing URLs have more than doubled since 2018. In fact, the number is up by 233%.

Fake-domain trick explained

Threat actors begin their deceptive operation by first registering a look-alike domain similar to well-known, legitimate online stores. For example, more than 1,700 domains which look similar to the domain have been registered in the past six months.

Example: Ray Ban

Check Point researchers tracked a threat campaign involving the popular sunglass brand Ray Ban. The campaign started on November 7, 2019 and has been sent to thousands of potential victims. The lookalike domain https://rbs.xwrbs[.]com/ was used as a repeating motif in this scam campaign. The scam site only accepts payment using PayPal. The following email, blocked by our systems this week, offered recipients a special Black Friday bargain of up to 80% discount on Ray Ban sunglasses!

The email led to the following fake site:

How to NOT get tricked

Check Point researchers recommend the below as precautions:

1. Verify you are ordering from an authentic source. One way to do this is to NOT click on promotional links in emails, and instead Google your desired retailer and click the link from the Google results page.

2. Beware of “special” offers. An 80% discount on the new iPhone is usually not a reliable or trustworthy purchase opportunity.

3. Beware of lookalike domains, spelling errors in emails or websites, and unfamiliar email senders.
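As an added illustration of precautions 1 and 3 (this example is not from Check Point), the sketch below triages the links in a promotional email against an allowlist of genuine retailer domains and flags near-miss or brand-embedding hostnames. The allowlist entry `ray-ban.com`, the sample email and every function name are assumptions made for the example; the registrable domain is approximated as the last two labels.

```python
import re
from urllib.parse import urlsplit

# Assumption: allowlist of genuine retailer domains maintained by the defender.
KNOWN_RETAILERS = {"ray-ban.com"}
URL_RE = re.compile(r"https?://[^\s\"'<>]+", re.I)

def registrable(host):
    """Naive registrable domain (last two labels); real code needs the Public Suffix List."""
    return ".".join(host.rstrip(".").split(".")[-2:])

def squash(name):
    """Keep only letters and digits so 'ray-ban' and 'rayban' compare equal."""
    return re.sub(r"[^a-z0-9]", "", name)

def edit_distance(a, b):
    """Levenshtein distance using two rolling rows."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(url):
    """Return 'trusted', 'lookalike' or 'unknown' for one (possibly defanged) link."""
    host = (urlsplit(url.replace("[.]", ".")).hostname or "").lower()
    domain = registrable(host)
    if domain in KNOWN_RETAILERS:
        return "trusted"
    for real in KNOWN_RETAILERS:
        brand = squash(real.rsplit(".", 1)[0])
        label = squash(domain.rsplit(".", 1)[0])
        # Brand embedded anywhere in the host, or a near-miss spelling of it.
        if brand in squash(host) or edit_distance(label, brand) <= 2:
            return "lookalike"
    return "unknown"

def triage(email_text):
    """Map every link found in an email body to its verdict."""
    return {u: classify(u) for u in URL_RE.findall(email_text)}

# Constructed sample email; only the first link is the domain quoted in the article.
SAMPLE_EMAIL = """Black Friday: up to 80% off!
Shop now: https://rbs.xwrbs[.]com/
Official store: https://www.ray-ban.com/
More deals: http://ray-ban.com.deals-example.test/bf
Outlet: http://raybam.example/
"""

if __name__ == "__main__":
    for url, verdict in triage(SAMPLE_EMAIL).items():
        print(f"{verdict:9} {url}")
```

The domain from the campaign above comes back as `unknown` rather than `lookalike`: name similarity alone does not catch it, so any link that is not on the allowlist should be treated as unverified, which is what precaution 1 amounts to.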
