Scammers are using a variety of ways to steal your credit card information, and passing off as famous fashion brands is one of them.
These cybercriminals usually originate from Eastern Europe, such as Russia and Ukraine, and utilize fake WHOIS information for the domains they use.
In a recent case involving several dot .fun domain names, major fashion houses are being replicated, with a full portal and inventory at heavily discounted prices.
These fake portals use domains such as:
- pook.fun for Ralph Lauren
- uggp.fun for UGG
- goss.fun for Canada Goose
- ddmk.fun for Dr.Martens
- aacd.fun for Lacoste
- nne.red for Adidas, Nike, New Balance
- noff.fun for The North Face
These domains are then listed on an image with a discounted sales indicator, 80% – 90% off. These images are then shared on social media, particularly on Facebook, and fake profiles are used to promote the initial wave, tagging people’s accounts.
When someone visits these scamming web sites, they view the same super-discounted prices.
Tapping on people’s greed and stupidity is how this scam works. Once you reach the payment page, your credit card information is relayed to the scammer’s database – in the case of these .fun domains it’s hosted on a server in Turkey.
Once these domains get marked and reported, the scammers simply go ahead and register others, in a variety of TLDs, but usually new TLDs that are being discounted in the $1 dollar – $2 dollar range.
In a nutshell: discounted sales presented on domains shared around the Internet is a sure way to lose your credit card and other personal information to scammers.
Stay safe, and happy holidays.