Can you spot the fake in this quiz?
Pretend youre shopping online at maybe Best Buy or Amazon or L.L. Bean or someplaceyou consider trustworthy. And there it is the exact thing you were looking for and at a hard-to-beat price. You click buy, type in your credit card number, and walk away feeling like you've snagged a good deal. But days later, your order hasn't arrived, and when you check back, oops! The website is nowhere to be found!
Welcome to the wonderful world of website impersonation fraud a growing danger that's getting harder to spot by the day, no matter how smart you think you are.
"Evil'lution"
Website impersonation isn't a new scam, but it's one that's evolving rapidly. For as little as $300,cybercriminals canbuy "phish kits"-- ready-made tools designed to look like trusted sites, like banks or social media, to trick people into giving away their personal information.
Plus, scammers can go on domain registration sites (e.g. GoDaddy, Network Solutions)and purchase a sound-a-like domain name they can use to fool people -- such as "justamazondeals.com" or "Amazon360.com" -- no questions asked.
The Amazon fakes
Memcyco a real-time digital risk protection agency looked into Amazon, the second most imitated retailer,and in Memcycos first scan alone, found four live fraudulent Amazon sites, as well as one old attack. Each one of these dupes exposes hundreds of thousands, if not millions, of Amazon customers who could easily mistake it for the legitimate website.
Major companies like Amazon are spending way too much time (and money) playing cat and mouse with fake versions of their websites. Last year alone, Amazon invested more than $1.2 billion and employed more than 15,000 people dedicated to fighting fraudsters.
And the consumers feel the hurt, too
For the consumers who fall for these scams, the consequences can be devastating. If you fall victim to one of these fake sites, your personal data could be compromised, leading to unauthorized charges, stolen identities, or even drained bank accounts. In some cases, victims dont even realize theyve been scammed until the thief has already spent their money.
And while companies like Amazon have robust security measures in place, they can't always prevent these impersonation attacks from occurringor reimburse every victim. And dont even think about asking your bank to help cover you.
How to spot a fake
Israel Mazin, Memcycos co-founder and CEO, emphasizes the importance of consumer awareness.
"The best defense against these scams is vigilance," he says. "Consumers need to be aware of the signs of a fake websitethings like slightly altered URLs, poor grammar, or offers that seem too good to be true. And companies must continue to innovate in their security measures to protect their customers."
ConsumerAffairs asked him to illustrate some real fakes and, as youll see, theyre pretty impressive copycats.
Here are four examples of Amazon site interfaces 3 are fake and 1 is real. Can you spot the real one?
(The answer is in the "newest ways to spot a fake"section, below)
The newest ways to spot a fake
Did you spot the "real" site above? It was the third one -- the one with the shoes. If you did, congrats, but you should read the rest of Mazins adviceon the new things you can use to help eyeball a fake website because it could come in handy someday.
Domain name and domain nameextensions
"Carefully examine website URLs (the wwws) for look-alike domains that mimic legitimate ones such as 'shopping.amazon.com,' Mazin says. And look at the "extension" of the URL. The typical one is .com, of course, but fakers are turning to others to try and fool consumers with URLs like www.amazon.ru.
Be extra careful before you click on any of these:
.LINK
.TIO
.TOP
.RU
.CLUB
.SITE
.XYZ
.APP
.LIVE
.BUZZ
.GQ
.TK
.FIT
.CF
.GA
.ML
.WANG
.ME
.MOBI
.SU
.BIT
.ML
Use Googles safe browser tool
Another newbie in our parade of precautions: Googles Safe Browsing Status. Go there, paste in the URL of the site you think is real and see if it is or not. If Google says its not, its not. And if Google says its not sure, youd be smart to not risk that, either.
Social media
Brittany Allen, Senior Trust and Safety Architect at fraud detection company Sifttold ConsumerAffairs that if you see a site/brand promotion on social media from an unverified account, or even an offer from a verified account that seems too good to be true, you should be cautious. We may think those sites should, but Allen says that X (aka Twitter), Facebook, Instagram, TikTok, etc. do not vet all individual posts and hyperlinks in advance.
Photo Credit: Consumer Affairs News Department Images
Posted: 2024-08-06 15:28:55
