February 21, 2024

A new report from automated brand protection firm Bolster has uncovered a campaign that has been active since June 2022, tasked with stealing people’s bank and credit card data. These brands include Nike, Adidas, Puma, Skechers, New Balance, Timberland, Reebok, Vans, The North Face, Fossil, Guess, Kate Spade, Casio and many more.

Click to get KURT’s free CYBERGUY newsletter with security alerts, quick tips, tech reviews and simple how-to’s to make you smarter

How do these scammers impersonate such a popular brand?

Researchers It has been discovered that scammers work by creating fake websites that look like they legitimately belong to the popular brands they are impersonating. The campaign has previously registered at least 3,000 domains and approximately 6,000 websites to scam shoppers.

Scammers disguise websites to look like a company’s actual website by combining a brand name with a city or country followed by a generic top-level domain (TLD), such as “.com.”

For example, one website that has been proven to be fake is “,” a website run by scammers to convince online shoppers in Italy that they are shopping from the Italian version of Puma’s online store.

Beware of Fake Websites (support)

Tips to help you tell if an online store is real or a scam

How does the deception work?

When a person searches for a brand name, these impersonation sites show up as the second or third result on popular search engines like Google. Then, once the scammers trick shoppers into buying products on the counterfeit website, the shoppers either don’t receive any merchandise at all, or receive counterfeit branded items that they didn’t pay for.

The real problem is that these scammers now have shoppers’ names, credit card information, shipping addresses, and email addresses, which they can do with.

For more of my security alerts, subscribe to my free CYBERGUY Reports newsletter by going to CYBERGUY.COM/Communication

What do scammers do with the information they steal?

Fake cougars on the site

fake puma website (Puma-Italy)

Some might just use credit card numbers to start buying whatever they want, while others might go a step further, stealing shoppers’ identities and committing all kinds of fraud.

How did the scammers get away with it for so long?

The reason scammers have been creating these fake sites for so long and getting away with it is that they’ve been using a method called domain aging. This means that scammers will make a website dedicated to scamming and then keep it inactive, allowing a domain up to two years before using it to carry out any attacks.

The reason for this is that search engines tend to view old domains as more trustworthy and authoritative than newly registered domains. In some cases, this can also significantly improve their rankings to second or third on Google for many brand-related keywords. Here’s an example from Clarks:

clark shoes

google for clark shoes (support)

Pig Slaughter Scams: What to Know About Online Scams and How to Avoid Them

How can I protect myself from these fake sites?

There are a few key things you should consider anytime you shop online. Here are some of my suggestions.

beware of big discounts

If you’re shopping for a particular brand and you know it’s usually pricier, but you see a substantial discount on a product claiming to be from that brand, you should proceed with caution. This can be hard to catch, especially if you’re visiting a site that looks very close to the real thing, so it’s best to check multiple sites that might sell these items and compare prices if possible.

check url

As mentioned earlier, this particular campaign is known to use a brand name combined with a city or country to make a URL name. If you visit any website with this format, it is probably a scam.

You should also make sure that every site you visit starts with https:// rather than http:// as this will ensure you have an extra layer of security when browsing online. HTTPS uses encryption to secure communications between your browser and websites, protecting the integrity and confidentiality of transmitted data. This encryption makes it more difficult for attackers to intercept or manipulate the information you exchange with the website.

It’s important to note that while HTTPS helps secure your communications with a website, it doesn’t guarantee that the website itself is trustworthy or free from other security vulnerabilities.

Beware of Sponsored Google Links

A photo of a woman stressed on her laptop

There is always at least a slight risk when you shop online. ( )

Free Antivirus: Should You Use It?

When doing a Google search, try to avoid clicking on any links that appear under Sponsored. Hackers have found ways to get their fake websites to appear at the top of people’s Google searches so that they click on them first, so be careful before clicking on any search results.

Keep your antivirus software turned on and active

Having antivirus software on your device will ensure that you do not click on any potentially malicious links that could install malware on your device, allowing hackers to access your personal information.

See my expert reviews of the best antivirus protection Your Windows, MacAndroid, and iOS devices by visiting

Kurt’s Essentials

There is always at least a slight risk when you shop online, especially now that scammers are finding more and more nefarious ways to trick people into handing over their information. Make sure you stay vigilant and don’t give out your information to anyone. Scammers try to trick people who don’t pay close attention to details, so as long as you follow my tips, use your judgment, and exercise caution, you should be able to buy what you need online.

Click here for the Fox News app

What else do you think these big brands can do to raise awareness of scammers trying to impersonate them? Have you ever fallen for one of these fake website scams?tell us by writing

more for me security alertsubscribe to my free CyberGuy Reports newsletter by going to

Copyright 2023 all rights reserved.

Source link

Leave a Reply

Your email address will not be published. Required fields are marked *