A widespread brand impersonation campaign has been targeting over 100 popular apparel, footwear, and clothing brands since June 2022. The campaign involves approximately 6,000 fake websites across at least 3,000 domains, including inactive ones. Brands such as Nike, Puma, Asics, Vans, Adidas, and many others have been impersonated.
The campaign experienced a significant increase in activity between January and February 2023, with 300 new fake sites being created monthly.
The fake websites use domain names that combine the brand name with a city or country, followed by a generic top-level domain (TLD) like “.com.”
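A defender-side triage for the naming pattern described above, as an added example that is not part of the original article: it flags domains whose registrable label consists only of a brand name and a city or country under a generic TLD. The brand, place, TLD and official-domain lists and the sample domains are constructed assumptions; the matcher accepts either word order and ignores hyphens and digits.

```python
import re

# Constructed lists (assumptions): load the brands you protect and a real gazetteer.
BRANDS = {"nike", "puma", "asics", "vans", "adidas"}
GEO = {"london", "paris", "berlin", "sydney", "canada", "ireland", "norway", "chile"}
GENERIC_TLDS = {"com", "net", "org", "shop", "store"}
# Assumed allowlist of brand-owned domains (placeholder values).
OFFICIAL = {"nike.com", "puma.com", "asics.com", "vans.com", "adidas.com"}


def split_label(label, vocab):
    """Segment label into consecutive vocab words; None if it cannot be done."""
    if not label:
        return []
    for i in range(len(label), 0, -1):  # try the longest prefix first
        if label[:i] in vocab:
            rest = split_label(label[i:], vocab)
            if rest is not None:
                return [label[:i]] + rest
    return None


def classify(domain):
    """Return (brand, place) when the domain fits brand+place under a generic TLD."""
    parts = domain.strip().lower().rstrip(".").split(".")
    if len(parts) < 2 or ".".join(parts[-2:]) in OFFICIAL:
        return None
    label, tld = parts[-2], parts[-1]  # no public-suffix handling: generic TLDs only
    if tld not in GENERIC_TLDS:
        return None
    # Whole-label segmentation avoids substring hits such as "vans" in "evansville".
    words = split_label(re.sub(r"[^a-z]", "", label), BRANDS | GEO)
    if not words:
        return None
    brands = [w for w in words if w in BRANDS]
    places = [w for w in words if w in GEO]
    return (brands[0], places[0]) if brands and places else None


def triage(domains):
    """Map each flagged domain to its (brand, place) pair."""
    return {d: hit for d in domains if (hit := classify(d))}


# Constructed sample input, standing in for a feed of newly registered domains.
SAMPLE = ["nikelondon.com", "puma-canada.com", "vans.com", "parisasics.shop",
          "adidas-outlet.com", "evansville.com", "berlinmarathon.org"]

if __name__ == "__main__":
    for name, (brand, place) in triage(SAMPLE).items():
        print(f"{name}: brand={brand} place={place}")
```

Hits are candidates for review, not verdicts: a licensed regional reseller can use the same naming shape, so each hit should be checked against the brand's own domain inventory before any takedown or blocklist action.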
Some of the fake sites closely resemble the official websites of the targeted brands, featuring similar designs and layouts. The scam domains were traced back to specific internet service providers and registered through Alibaba Singapore. Domain aging plays a crucial role in the success of phishing operations, as older domains are less likely to be flagged as suspicious.
Some of the malicious domains have been indexed by Google Search and may rank high in search results, deceiving users into believing they are legitimate.
The exact strategy used by the scammers is unknown, but it is suspected that they either do not deliver the products customers pay for or ship counterfeit goods. Personal information entered on these sites, including credit card details, may also be harvested for malicious purposes. To protect against such scams, users are advised to skip promoted results on Google Search and instead check the brand’s official website through trusted sources like Wikipedia or social media channels.