With the kick-off to holiday shopping, much of which has become digital, cybercriminals are capitalising on the surge in online activity to carry out fraud, according to Netcraft’s research fake retail sites rose by 135 percent as of the end of October 2023, during Black Friday and Cyber Monday frenzy.
The report disclosed that fake retail sites were at 63 percent in October last year, this shows that it more than doubled in the last 12 months.
During Black Friday and Cyber Monday, many authentic websites offer huge discounts on real products, which makes it easier for cybercriminals to exploit trusting shoppers.
According to the report, while claiming to offer highly discounted goods, the fake online shops either impersonate the websites of luxury brands and established retailers or operate across multiple brands.
“The websites are often a front to capture payment details and other sensitive information. The details shoppers submit can be used directly or sold to other cybercriminals,” it said.
Black Friday is a colloquial term for the Friday after Thanksgiving in the United States. It traditionally marks the start of the Christmas shopping season in the United States. It has, however, become a global event as several stores in Nigeria also observe it every year with announcements of discounts on their products.
How to identify fake online shops
Netcraft research identified various insights into how shoppers can avoid falling victim, these include.
Extreme discounts – Fake shops often offer an extreme 50 percent to 95 percent discount, showing an imaginary old (possibly inflated) price struck out. This can be a very good signal for brands that rarely offer legitimate discounts.
No contact information – The absence of contact details in terms of a geographic location or a phone number is a clear indicator of malicious intent, as is the presence of generic and templated content in the ‘about us’ section, which often includes text that could be used for any organization.
Malicious links – Fake shops will often include social media icons, but they either won’t contain links or will link to a fraudulent profile.
Brand mismatching – where (for example) a fake shop that’s supposed to be selling electrical goods includes Nike logos. Another indicator is fake retail sites insert a well-known logo into a predesigned template of the cybercriminal’s choosing.
Domain – Fake retail sites frequently use domain names that are deceptively similar to well-known brands, which could be a common mis-spelling, the addition of geo-based attributes [such as vionicskonorge.com], or an attempt at deception by adding a phrase such as a sale or ‘discount’ to a legitimate brand.