You may have perhaps heard of the CEO scam? With this, employees receive a fraudalent email from their boss, asking them to transfer a lot of money to a certain account. While the front part of the email address matches the real name, the domain is fake. Often the domain @ceopvtmail.com is used.
Even more deceitful is when even the correct email address of the boss is set as the sender name. The wording of the emails is very personal and well researched, the scammers know the procedures and contact persons. The employee thinks that the request is coming from their boss - and suspects little.
According to several consumer protection agencies around the globe, this scam alone has cost millions in damage (see example). The same applies to fake online stores. A survey by the German Brandenburg Consumer Center showed that more than four million buyers had fallen into the trap of a fake online retailer. The buyers ordered and paid for goods, but they were never delivered. The money is gone, and there is ensuing damage as a result.
In this article we will explain how to recognize a fake website and which domains indicate scams on the web.
These signs indicate a fake online store - The checklist:
Everyone who shops on the net is happy when they find a bargain or a good deal. But beware: If the price is extremely low compared to competitors, you should be careful. Before you transfer money hastily, you should check for the following things.
#1 Does the domain name match?
Often scammers copy an original domain name of a well-known store or brand with small deviations and model their fake website after the original. A good example is the fake store: www.pandoracharmsclearance.us*. This store is not the original Pandora jewelry store, but instead is selling cheap imitation products from China.
- Check against on the net, google the brand or the original store.
- Compare the offer. It is suspicious if the brand name in the domain is extended with -24 or any other number.
#2 Are security protocols used?
Fake stores want your money – they aren’t concerned about your security. You should never enter your bank details on an unencrypted page.
- You can recognize these by the open and crossed-out security lock in the address line.
- Also, a secure URL starts with https and not just http.
If in doubt, cancel the payment process and instead make purchases where your data is handled securely.
#3 Does the domain of an advertising link remain constant?
Be careful with links in promotional emails or ads. At first glance, a seemingly correct domain name of a well-known store is used, for example "www.amazon.de/my_account". But it then redirects to a fake store with a different URL.
- Copy the link and verify it in the browser before clicking on it.
- Cryptic numbers and letters in the URL field of the target page or a changing domain should raise suspicion.
- Try to perform the action by directly entering the original page without using the link. Call their customer service department and inquire about the promotion.
#4 Does the content match the domain?
Some scammers are brazen and don't even bother to match their domains to the product. Then, under the name of a psychotherapy practice, women's clothing is sold and under a domain that indicates a music label, an Armani store is simulated (peja-records.de*).
#5 Reveal deficiencies on the site
Online stores that cheat unsuspecting users out of their money often have a short lifespan. They pop up and disappear just as quickly to attract minimal attention. As a result, site creators put only moderate effort into the content and design of these websites. And you can detect this in the following ways:
- Frequent spelling mistakes and grammatical errors indicate a suspicious offer. The style of the texts, the way the customer is addressed or the expressions and tone used, which deviates from the original appearance of a brand, unmasks a fake store.
- Is the payment method only possible in advance? Back off! This is the typical scam of a fake store. Also, particularly attractive discounts for advance payment could be a bait offer.
- A faulty or even missing imprint is a clear indication, as are missing or faulty terms and conditions. A short Internet search can help detect a fraudalent site by discovering whether the store's address is correct and whether the sales tax identification number actually exists. Or contact the store, preferably by phone - if possible.
- Fake stores that copy larger online stores, for example to grab user data, usually have errors or are slightly off in the design or color scheme of the orginal store’s bradning. In this case direct comparison helps to uncover the fraud.
Finding known fake shops quickly thanks to consumer protection
Consumer protection agencies typically maintain extensive lists of known fraudalent websites. It is definitley worth scanning these lists to see if the store is already identified as a fake before you give into a tempting offer. These lists are constantly being updated and expanded. In the US, the Bureau of Consumer Protection is a goverment agency under the Federal Trade Commission who investigates and prosecutes Internet scams of all kinds. They have a portal open to the public for reporting fraudalent activity online and phishing scams.
A domain is like a billboard. The shorter and more descriptive the domain, the more likely the visitor will trust the domain. Additions that don't make sense in the keyword or TLDs that are completely unknown to you should always raise red flags.
If you offer goods or services online, make sure you have a complete domain portfolio, and own all variations of your domain in terms of keyword and TLDs. This makes it much more difficult for fraudsters to misrepresent your website.
If you have a great name in mind, make sure to check out Sedo’s marketplace to se if it is for sale or if our Brokerage Service can help you to get it!
*Due to the short lifespan of these fake URLs, they are probably no longer online by the time the article is published.