Please note that we are using Ray-Ban as an example because it is one of the desirable international brands that suffer from fake sites. We could have easily used Nike, Corrs, Coach, Sony, Samsung and thousands more name brands.
Is it a real ‘Ray-Ban’ website? Hundreds of fake websites
spring up using obfuscated web addresses like https://www.rayban.blackfriday.Australia.onlineshop.XYZ.ky–
looks like a Ray-Ban site, but it is really a super domain of XYZ.ky (Cayman
Islands or any other country where you can easily register a fake domain).
The site usually scrapes (copies) an official website like https://www.ray-ban.com/australia/black-friday/clp, alters the embedded e-commerce links and puts in tempting prices.
So, as far as you can tell its kosher as descriptions are
You pay with a credit card or Pay Pal, enter your shipping address
and mobile number and guess what – you never receive the goods, or they are cheap
But the cybercriminal has your money and details, and there
is nothing you can do.
Fake phishing emails
Cybercriminals send out millions of fake emails to drive traffic
to fake websites, usually offering a further discount for entering a promotional
code and often asking you to answer a few customer questions – gender and age
Because the clickable link is embedded under text, it obfuscates
it – or it could use a simple Bitly link shortener like RayBan.bit.ly. Phishing
emails receive a higher click-through rate.
How to identify
Beware of sites that ask you to install a browser
extension to view ‘special’ prices – it is spyware
Look for spelling or grammatical errors –
cybercriminals may be masterminds but no master spellers.
Be especially wary of embedded links. Hover your
mouse (if you use one) over the link text and if it does not have RayBan.com as
the domain, then go direct to rayban.com.
Be especially wary of clicking links on social
Be aware of obfuscated and look-alike domains –
unless its RayBan.com it is not Ray-Ban.
Be aware of offers that are too good to be true.
Most cyber sales are from 20-50% off – anything more you have to question.
Fake sites are just as easy to set up inside legitimate
sites like Amazon
If you shop online set up a separate account and
debit card that can limit your exposure if burnt. Transfer just enough money to
that account to cover purchases.
Never give a photo or scan of the front and back
of a credit card, drivers licence or other ID to prove who you are
Check your bank statements to catch fraudulent activity
and advise banks immediately
Don’t save your credit card details online.
And beware of fake delivery emails that ask for
more details or require you to log into a site to confirm them. These usually upload
Check Point says that the number of fake sites this year has
more than doubled over 2018. And the amount sold via cyber sales is setting all-time
GadgetGuy’s take – cybercriminals love cyber shopping events
You may notice that we have stopped publicising cyber sales
events – because the chances of being caught by a fake site are now too high.
Check Point identified 350,000 fake sites for Cyber Friday alone. We have seen
plenty of examples of phishing emails as well.
But more than that, the desire to bag a bargain turn
ordinary rational people into screaming mad shoppers. They forget things like
overseas goods are not subject to Australian Consumer Laws, refunds may be
impossible or incur return freight and you never see the products or the money
again. Banks and PayPal now exclude fraudulent cyber sales from refunds and
risks are too high.
Until we get a tamper-proof digital licence for stores and people you can’t trust the web for online sales, especially at cyber sales times.