Global online retail fraud uncovered, affecting big-name brands in the run-up to Cyber Monday.

Share Article

Threat Analysts at Silent Push - a leading global provider of Enterprise-grade threat protection - have uncovered a worldwide e-commerce fraud, featuring thousands of fake websites and payment portals for numerous big-name clothing and footwear brands, in the run-up to the holiday season.

Fake Product Pages are hard to detect

‘This is an expansive malicious campaign, right on the cusp of the holiday season, that poses a threat to millions of consumers all over the world.'

Threat Analysts at Silent Push - a leading global provider of Enterprise-grade threat protection - have uncovered a worldwide e-commerce fraud, featuring thousands of fake websites and payment portals for numerous big-name clothing and footwear brands, in the run-up to the holiday season.

Companies affected include Versace, Prada, Puma, Nike, Ted Baker, Converse, Ralph Lauren, Lacoste, Quicksilver Timberland, Vans, The North Face, La Perla and Ugg.

A large group of threat actors are registering domain names that mimic a brand’s online presence, and tricking users into handing over Personally Identifiable Information and payment cards details, through fake registration and payment forms, and hoax product pages.

The fake sites, featuring valid SSL certificates and HTTPS, all share some common denominators:

· Textual errors, including spelling mistakes and branding/image anomalies.
· Fake products ‘retailing’ for between $50-$300, often at huge discounts.
· A focus on high-end goods from big-name online retailers.
· A lack of product reviews.
· Malfunctioning contact forms and social media buttons linking to standardised login pages.

The fake sites are put together using a standardised template, with some sites currently ranking on the front page of popular search engines, such as Bing, Yahoo and DuckDuckGo.

Silent Push has published a list of IP ranges affected and are actively working on uncovering more Indicators of Compromise, including domain derivatives and site characteristics, as the threat landscape unfolds.

Ken Bagnall, Silent Push’s CEO, said: ‘This is an expansive malicious campaign, right on the cusp of the holiday season, that poses a threat to millions of consumers all over the world.

‘We’re committed to mapping out as much of the threat landscape as possible and passing that intelligence onto our customers and the general public, to mitigate the financial damage that could be caused by such a wide-ranging operation.

‘We’ll be publishing more research in the coming days and offering in-depth analysis of the campaign’s back-end functionality,’ Ken Bagnall said.

Share article on social media or email:

View article via:

Pdf Print

Contact Author

Gareth Howells

Gareth Howells
Silent Push
(703)-860-6398
Email >