GROUP-IB Digital Risk Protection
Effective fight against fraudulent copies of manufacturing company websites
$ 12.8 million
was made by fraudsters after one year of operating a clone of a manufacturing company’s website
Up to 100% of pre-payments
have been transferred to fraudsters by customers misled by copies of official websites
1 million clone websites
of official websites belonging to major companies appear in Russia every year
How fraudsters swindle customers out of money
Create a copy
Fraudsters create a copy of an official website that differs only in the domain name.
Purchase domain names
Threat actors buy similar-sounding domain names to serve as backups for the clone website.
They attract traffic to the fraudulent clone website through mailouts, text messages, messaging apps, and paid search engine marketing.
Threat actors replace the original data and payment details with their own.
Conduct fake sales
Fraudsters process incoming requests and receive payments from misled customers, who believe to be buying products from the official company.
Fraudsters stop all communication with the misled customer.
If the domain gets blocked, fraudsters move the clone website to a backup domain.
How fraudulent copies of official websites harm businesses
When visiting a clone website, users believe that they are on an official resource and therefore trust the information on it. The ultimately negative experience affects the official brand’s reputation.
When purchasing fake goods using the payment details found on a clone website, customers are in fact trying to buy products from the official brand. Once they realize they have been tricked, upset customers make complaints to the official manufacturer.
Lost profits and customers
Purchases of fake products mean lost profits for the official manufacturer. Customers associate the brand with fraud, which destroys customer trust and makes customers more likely to buy from the company’s competitors.
How we protect businesses against fraud
We monitor online resources and detect fraudulent copies of your website.
We evaluate the risks that every threat entails and prioritize response activities.
We block fraudulent clone websites.
We adjust your company’s protection strategy going forward.
We provide detailed reports on all the steps taken.
Agricultural industry under attack
How protecting one brand revealed the activities of a criminal network
with phishing forms were blocked; some of them had existed for 1.5 years
from receiving the customer request to starting response activities
in lost profits for the industry
designed for spam mailouts were blocked