A recent scam has surfaced where legitimate websites are duplicated and set up using a domain name that is very similar to the legitimate website. The prices for goods are often changed to lower prices than the legitimate organisation’s pricing, and of course payments for purchases go to the scammers bank accounts. Needless to say, the purchaser doesn’t receive the goods and is unlikely to ever recover the money they spent in good faith on goods that they eventually learn never existed.
The other loser in this scam is the legitimate website owner who not only loses orders, but also experiences a huge backlash against their reputation and brand power, through no fault of their own.
Running backwards over sand
Trying to get the fake website removed is a lengthy and frustrating exercise and can do untold damage to the retail victim’s business. Most of the organisations targeted by the scammers are small to medium sized businesses that are already struggling in a very hard trading environment, so along with the distraction and time it takes to shut down the fake website, they’re also losing valuable sales, along with their reputation and subsequent brand damage.
If you’re thinking you’d look at preventing these scams from happening, don’t even bother, as unfortunately, there isn’t a lot that anyone can do. Registering all the variations of the legitimate name isn’t an option as there are far too many derivatives and options. There would a huge cost to do this, both in monetary terms and the time it would take to do this.
As a potential customer, I’d recommend checking the URL of any website you intend to purchase anything from before you reach the shopping cart. If there’s any doubt, do a search on the company name and see what other websites pop up. Actually, checking URLs is a great way to spot scams – it works for rogue emails too.
The dodgy website-copiers seem to be based in South East Asian countries, though they’re likely to be hiding in the shadows of every country that’s web-enabled, which makes shutting them down even more complicated and drawn-out.
Tell the world
Another way to draw attention to the problem is telling your customers that your website has been illegally copied and your business compromised, but this will only work for organisations that have an up to date and accurate database of clients that can be warned by email. Furniture retailer, Nood, did this recently when their website was copied. However, this won’t work for casual customers who stumble across your website in a Google search.
Once it has happened, it’s impossible for the legitimate website owner to know the extent of the damage caused by a scammer creating a fake copy of their website – there’s no way of measuring it and often it’s not quickly known that it has even happened. If you should happen to come across a fake website, make contact with the owner of the authentic one and let them know they’ve been scammed – chances are they might not know their site has been copied.
Nothing new here – just sneakier
This scam isn’t new. Years ago I worked for a membership organisation that experienced a scammer purchasing a really similar domain name to ours (dot co; ours was dot org) and setting up a website that wasn’t a copy of ours, but contained enough relevant content to appear to be legitimate. They’d also sourced advertising from some of the same organisations that sponsored us. As we had over 50% market share it wasn’t difficult for us to warn our members about the scam - in fact it was our members who brought it to our attention in the first place – and we started the process of formally complaining to the Domain Name Registrar which was pretty futile as there was very little they could do to help us.
The fake website disappeared pretty quickly and as soon as the domain name became available, we snapped it up. The only losers were the companies who had bought advertising on the fake website.
Tighter legislation required
At the time I recall wondering why there were not more stringent controls over domain name registrations, along the lines of the controls to register a company in New Zealand. The NZ Companies Office won’t accept company names for the NZ Companies Register that are similar to others already registered or could be passed-off as another business. Why can’t these rules apply to domain names?
It seems that we’ve become hell bent on stamping out money laundering to the point of almost cancelling the means to trade, yet scams like this continue to rob people of hard-won sales and hard-earned money. It doesn’t look like we’re making any headway in combatting cybercrime, with the best we can do being to monitor our own patch.
If it happens to your website you’ll need to act quickly to let your customers know not to use it, and with luck it will just go away on its own. I’m sorry tech companies like ours can’t just ‘disappear’ the fake websites – winning Lotto would be far easier!