Following a lead tweeted by a journalist in Mexico, another large set of fake shopping sites has been uncovered by cybersecurity company Silent Push. The English and Spanish websites have been traced back to China.
Everyday, thousands of website domains are registered, and a large majority of them are intended for scams. The cybersecurity firm identified several brand names, such as Apple, Harbor Freight Tools, Michael Kors, REI, Wayfair, Wrangler Jeans, Brooks Brothers, Jos. A. Bank, Nordstrom, Guitar Center, Tommy Hilfiger, and Tumi being targeted with copycat sites.
If you see a shopping advertisement on Facebook, Instagram, TikTok, Google, or somewhere else, it’s very likely to be a scam. Always check the website address. Even if it looks legitimate, it could easily be a site created by a criminal. In this collection of websites they found harborfrieght[.]shop (e and i are reversed), brooksbrothersofficial[.]com, nordstromltems[.]com (a lowercase L instead of an i), guitarcentersale[.]com, tommyilfigershop[.]com (missing an h), and tumioutlets[.]com.
Here are some way to identify fake shopping sites:
- Look for website names that are variations of legitimate sites:
- Switching i, l, and 1, or zero for an O.
- Using foreign or special characters.
- Adding sale, outlet, official, clearance, or discount into the website name.
- You can use the “lookup” tool to see when the website domain was created.
- Be suspicious of heavily discounted prices. If it’s too good to be true, it probably is a scam.
- Look carefully at the website content for blurry images or logos, missing pages such as the “Returns Policy”, limited company contact information, and grammatical mistakes.
You should assume that a large number of advertisements you are seeing are now created by criminals. If you want to look for a deal, go directly to the retailer’s website and located the sale and clearance sections. Don’t lose your money to the criminals.