AMPYX CYBER


Watch out for these holiday shopping fakes

BY KERRY TOMLINSON, AMPERE NEWS

Trying to find the best deals? Keep an eye out for copycat sites designed to trick you out of money.

The fakers are working harder this year. And they're hoping that you're moving too quickly during this busy shopping season to notice the small details that reveal the scam.

Here's how to protect yourself from now until the end of the holidays.

‘TIS THE SEASON

Shoes by footwear company Sorel can cost as much as $400 a pair. So, if you saw a deal for under $100 on SorelOutletBlackFriday(.)com, you might get excited to buy.

But the site is fake. The real one is simply Sorel.com.

Hoodies by the popular streetwear company Stussy can go for $145. That means Stussy hoodies for about $60 at StussyCanadaBlackFriday(.)com might look like a steal.

The steal, however, belongs to someone else -- scammers out to take your money. Security company Check Point uncovered these fakes and more as part of its research into fake holiday shopping sites.

"We're seeing a huge increase in look-alike or what we call ‘impersonation domain registrations,’" said Micki Boland, lead technologist at Check Point. "They're crafty. They know what works and they reuse these types of techniques over and over."

They’ll use big shopping days like Cyber Monday and Black Friday to lure you in. But once those days are over, they’ll offer up special deals to try to catch your interest.

Crafty Techniques

The copycat criminals often imitate big names and offer big bargains. They may simply add the words "Black Friday" to a big-name brand when creating new sites.

For example, Longchamp.com is a well-known site selling luxury bags. Fakers created a new site under the name of LongchampBlackFriday(.)com, according to Check Point.

They also turned clothing company JCrew.com into the fake JCrewBlackFriday(.)com and Wayfair.com into the misspelled WayfareBlackFriday(.)com.

People are moving quickly during the holiday season and could easily fall for the impostors. Security may not be top of mind.

"All they want is to go online, after a long day of work, and start shopping," explained Miguel Angulo, security engineer at Check Point. "They are not really thinking on anything else but shopping, and all they want to do is to get the good deals."

Naming Names

Fakers also use domain extensions other than .com.

Security company Bolster found these using the .shop extension, among others:

  • NorthfaceDeal(.)shop

  • RalphLauren8VIP(.)shop

  • BlackFridaysLego(.)shop

Security company Malwarebytes reported these two in mid-November:

  • WalmartGift(.)net

  • AmazonShops(.)vip

ANOTHER FAVORITE

Fake Amazon sites are especially popular among thieves, Angulo said.

They geared up for Amazon Prime Day in July 2024 with more than 1,200 new Amazon-related sites the month before, the company reported. 85% were flagged as malicious or suspicious. Another 1,000+ Amazon-related sites appeared in September.

The fake sites included legitimate-sounding names such as:

  • Connect-Amazon(.)com

  • User-Amazon-ID(.)com

  • Amazon-Onboarding(.)com

Tracking

Criminals also use fake shipping and tracking sites to convince you your package is being delivered.

Malwarebytes found a group of 50 fake U.S. Postal Service sites set up in just one day, with variations of the real site name, USPS.com.

  • usps(.)com-track(.)infoex(.)xyz

  • usps(.)com-service(.)goviel(.)xyz

  • usps(.)com-trackinysc(.)vip

  • usps(.)com-usps(.)top

Bolster listed some possible fake tracking pages as:

  • Tracking654(.)com

  • Tracking718(.)com

  • T(.)17track(.)net
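The naming tricks described under "Crafty Techniques" and "Tracking" can be checked mechanically. The sketch below is an added example, not code from Check Point, Bolster or Malwarebytes: it flags a hostname that contains, or nearly spells, a brand name while its registered domain is not the brand's real site. The brand table, lure-word list, 0.8 similarity threshold and two-label domain rule are assumptions made for illustration.

```python
from difflib import SequenceMatcher

# Brand -> official site, as named in the article.
OFFICIAL = {"sorel": "sorel.com", "longchamp": "longchamp.com",
            "jcrew": "jcrew.com", "wayfair": "wayfair.com", "usps": "usps.com"}
# Lure words seen in the article's fake names (constructed list, not exhaustive).
LURES = ("blackfriday", "outlet", "deal")

def refang(name):
    """Turn the article's defanged 'example(.)com' notation into a hostname."""
    return name.strip().lower().replace("(.)", ".")

def registrable(host):
    # Assumption: the last two labels are the registered domain. Production
    # code should consult the Public Suffix List (e.g. for .co.uk).
    return ".".join(host.split(".")[-2:])

def classify(name):
    """Return (verdict, brand); verdict is official, lookalike or unknown."""
    host = refang(name)
    reg = registrable(host)
    for brand, site in OFFICIAL.items():
        if reg == site:
            return ("official", brand)
    # Brand appears somewhere in the name, but the registered domain is not
    # the brand's: covers both 'brand + BlackFriday' and 'usps.com-track.*'.
    for brand in OFFICIAL:
        if brand in host:
            return ("lookalike", brand)
    # Misspellings: strip lure words, then compare each piece to each brand.
    for token in host.replace("-", ".").split("."):
        for lure in LURES:
            token = token.replace(lure, "")
        for brand in OFFICIAL:
            if token and SequenceMatcher(None, token, brand).ratio() >= 0.8:
                return ("lookalike", brand)
    # 'unknown' is not a clean bill of health: generic names such as
    # Tracking654(.)com carry no brand for this heuristic to match.
    return ("unknown", None)

if __name__ == "__main__":
    for sample in ("Sorel.com", "SorelOutletBlackFriday(.)com",
                   "WayfareBlackFriday(.)com",
                   "usps(.)com-track(.)infoex(.)xyz", "Tracking654(.)com"):
        print(f"{sample:35} {classify(sample)}")
```

For `usps(.)com-track(.)infoex(.)xyz` the registered domain works out to `infoex.xyz`, which is why the name is flagged even though it begins with the real site's address.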

Log in, lose out

Some impostor sites may show you a fake login page or ask you to create an account. This can lead to a multi-layer scam.

Thieves can then keep the money you paid for the fake item, use your credit card or other payment method to steal more money from you, and take over your account to continue the crime and scam other people.

And there is a further risk.

"A lot of times, unfortunately, people use the same passcode and the same email address to register multiple accounts where they're shopping or whatever they're doing," Boland said.

That makes it easier for criminals to sweep through all your accounts.

"Once one password is compromised, and you have the same password, it is very easy to log into the other ones," Angulo said.

"They will impersonate you, and they will start doing bad things on your name," he continued. "And then for you, it is going to be hard to clean, to say, 'I didn't do that.'"

What to do?

Here are some ways to protect yourself, according to Boland and Angulo.

  • Don't click on links in shopping emails or messages. Instead, go to the site on your own and look for the special deal there.

  • Don't click on links in messages about shipping or account problems. Once again, go to the site directly.

  • Make a new password for every account. Store them in a password manager so you don't have to remember them.

  • Use multi-factor authentication. That extra login step, like a code that comes to your phone, will give you extra protection if your password is stolen.

If you can't verify a deal through your own visit to the real site, don't do it. Better to miss out on a discount -- even a really deep one -- than to give a malicious hacker your money and identity for the holidays.
