Fan of Fendi? Lover of Louboutin? Gaga for Gucci? Be careful, as there are more than 500 websites out here that are actively tricking web users into thinking they’re legitimate luxury fashion websites.
DomainTools and Farsight Security in a joint report have uncovered a widespread trend of cyber-squatters targeting global haute couture brands, with 538 registered domains using the trademarked names of eight of the world’s leading fashion houses.
Cyber-squatting is the practice of purchasing domains with the intent of stealing internet traffic from a well-known brand or individual. The firm analyzed domains mimicking Cartier, Givenchy, Louis Vuitton, Burberry, Hermes, Chanel, Prada and Gucci and found hundreds with close-but-no-cigar web addresses. Examples include givenchy[.]com, burberryyuk[.]com, cartierwatches[.]me, hermes-bag[.]us and more.
These domains are often used in phishing email campaigns and various other kinds of scams, including pay-per-click ads, for-profit survey sites and social media scams to trick customers into handing over personal details and money for a product.
“The ease of creating a domain is great for the average person looking to start their own website, but it is a never-ending nuisance for brands that have to monitor for domain squatters,” said Tim Helming, director of product management at DomainTools. “The bigger and more lucrative your brand, the more of a target you become for cyber-criminals.”
To avoid falling for a spoofed website, consumers should look for obvious red flags, like misspellings and extra letters in the names, and domains that have COM-[text] in them, like www.starbucks.com-latte[.]us. DomainTools advises that surfers should also look out for ‘rn’ disguised as an ‘m’, such as modem.com versus modern.com. Also, for linked text, users can verify that the address is what it purports to be by hovering over it and examining the pop-up text.
Have you registered for Infosecurity North America taking place in Boston, 04-05 October 2017? For the full agenda, speaker list and more information, please visit https://www.infosecurity-magazine.com/conferences/infosecurity-north-america/