Online shoppers beware: Experts see increase in phony e-commerce sites

It’s the time of year when retailers are ramping up for the holiday shopping season. And as online shopping becomes a bigger part of the retail experience, cyber experts say there has been a huge surge in registered websites that appear to mimic some of the leading online retailers.

NormShield, a website that assesses cyber risks, looked at the Top 50 e-commerce sites — including Amazon, Walmart and sites popular in other parts of the world.

It found an exponential increase in recent years in sites considered “phishing domains,” which might have a URL that’s just a little bit different from the one you were going for.

“We’ve discovered there are over 6,000 of these domains that have been registered before the holiday season even started,” said Bob Maley, chief security officer for NormShield.

“It may have a spelling error. It might be one letter, one space off on a keyboard. What they’re trying to do is, if you look at that email when it comes through and you look at the URL that you want to click on, that it looks real. ‘Oh yeah, I really am going to what I think I’m going to.’ And we have seen a significant uptick in the registration of those domains. Not just this year.”

Websites like these also flood your inbox with mega sales and offers for things like a $50 bonus credit if you write a review about a product, or a gift card that you need to activate.

Some of those emails are easily detected as frauds. But some of them aren’t, and some of them seem legitimate since many people shop on those sites regularly.

So you click on it. But that’s a habit you should break.

“What I do is, my favorite sites, I know what the URL is, I don’t click on any mail,” said Maley, who admits he does a lot of shopping online. “The way I look at it is, if I would get an offer through email, I’ll go to the link I know … and I’ll go out to the site that way and then I’ll do a search for the offer to see if it’s legitimate.”

“If the email’s not legitimate obviously you’re not going to find that offer but at least you’ve protected yourself,” he added. “Those types of offers when they come through email, they’re crafted really well. They look like legitimate offers.”

“Don’t click on it in an email,” added Maley. “Go to the website directly, one you know is a legitimate address.”

Don’t trust the lock next to the web address that suggests you’re on a trusted, secure site. Maley said sometimes the bad guys are legitimately registering their bogus sites because it’s easy to do and it’ll still fool you.

“It is a legitimate website [and] the traffic that is going between your computer and that website is encrypted, but the problem is the people that own that site, they’re the bad actors,” said Maley. “It tells us that yeah, the channel between us and that website is secure, but what’s on that actual website, it doesn’t help us with that.”

John Domen

John started working at WTOP in 2016 after having grown up in Maryland listening to the station as a child. While he got his on-air start at small stations in Pennsylvania and Delaware, he's spent most of his career in the D.C. area, having been heard on several local stations before coming to WTOP.
