Cybercrime: Too good, too cheap… Watch out for good deals on the networks | Your technology | The country
Nike sneakers for 20 euros, an Hermès bag for 100 euros… Social networks were flooded this Christmas period with advertisements for products at knockdown prices and it was extremely tempting for many not to click. After accessing these advertisements, the user would come across a website with an appearance exactly identical to that of the advertised brand and it was almost impossible not to take advantage of a so-called bargain that never reached its buyers. There The police issued a statement warn about this scam and proceed to block these fraudulent websites.
The dynamics of this scam have always followed the same operation: the scammers cloned the web pages of the brands they used as bait, but hosted them in third countries (according to the authorities, mainly on servers in the United States). . With these stores already duplicated, the next step was to camouflage the domains with regional extensions, i.e. instead of the legitimate ones.Adidas.com“, they used a local extension, so at first glance it was difficult to detect the fraud. The scammers then used payment gateways in Brazil and, once the sale was cleared, they kept the amount without sending the product.
It was the police themselves who opened an investigation following a multitude of complaints from users scammed using this technique. The police press office confirmed to EL PAÍS that there have been more than 200 complaints, many of which use the address fraudinternet@policia.es for this purpose. Scammers, in addition to using the regional Internet domains noted above, have in some cases modified the original brand. The police informed this media that, for example, they had added an “es” to the SCALPERS brand, or that in the case of Massimo Dutti, the modification was cruder: “Massimo Clothing”.
The tip of the iceberg
Despite the high number of complaints, the authorities suspect that there could be many more people affected, because, due to the low unit amount of fraud, “they do not report the facts” to the police authorities. In any case, the researchers blocked the reported websites in collaboration with the domain registration companies. The fact that this fraudulent campaign started during Black Friday and continued throughout Christmas complicated matters, because at this time advertisers intensify their campaigns and it is easy for a fraudulent ad to go unnoticed in an Instagram post .
How is it possible that it is so easy to pull off a scam of this magnitude? “Cloning a website is very simple,” Fernando Suárez, president of the General Council of Higher Schools of Computer Engineering, explains to EL PAÍS, “scammers simply download the page and clone it with another domain or by adding a letter to the brand”. A simple scam, since “social networks make very sweet offers”, he explains in reference to the advertisements present on these pages with content cloned from social networks.
How to avoid deception
This scam is an updated version of the popular “stamp scam”: scammers promise a product at a price well below market price and run off with the money. Let’s exchange “the little tampons” for clothes from “Massimo Clothing”, and the scam is complete. In this sense, the first alarm signal should be the very existence of an offer that is too attractive: “You have to be wary of an offer that is too cheap,” explains Suárez.
This expert recommends in all cases an additional measure: carrying out a search for the brand in question on Google and accessing the product offered from the search engine. What do you get with this? Fraudsters play in the short term and search engines do not have time to collect these pages, so the content offered by search engines has more guarantees of being real.
The authorities, for their part, recommend taking a close look at the URL of the product offered and being wary of any domain or extension that does not belong to the brand. Suárez also suggests checking that the offer website “has the padlock” which verifies that the website is https (at the start of the URL) and, therefore, encrypted. The Police also flag spelling mistakes or inconsistencies in content as an element of suspicion, as scammers usually prioritize the execution of the scam and do not pay attention to details: poor quality images, bad translations , etc.
A final tip for online purchases, as Suárez suggests, is to use a credit or debit card specific for this purpose “which can be easily blocked by the user himself” and with a limited balance that can be recharged. In short, and as a general rule, apply the maxim “no one gives money for nothing”.
You can follow EL PAÍS Technology In Facebook And X or sign up here to receive our weekly newsletter.