What do you do when bandits create an exact copy of your online store or website? The only difference from an end ...
What do you do when bandits create an exact copy of your online store or website? The only difference from an end users' perspective is the domain name, something unfortunately a lot of end users doesn't notice. End users are lured into the fake site from phishing emails, hacked or faked social media accounts, and then buy fake or fictional products they never receive, potentially hurting your brand name.
Brand impersonation could have financial impact on your company, and in worst case do some serious damage to your organizations brand reputation. The risks of not acting on abuse and fraudulent activity can be:
- Financial losses
- Damaged brand reputation
- Aggravated customers
In this article we'll give you a few great tips on how you can fight the bandits and get fake sites and accounts shut down. Let’s go through the steps:
Stopping the abuse
DNS
The Domain Name System (DNS) is the phonebook of the Internet. Humans access information online through domain names, like ironstoneit.com or contoso.com. Web browsers interact through Internet Protocol (IP) addresses. DNS translates domain names to IP addresses so browsers can load Internet resources.
To close the fake site, you want to contact their Domain Name Registrar to get the domain name closed. This way end users can’t access the site using the domain name.
- To find the registrar you can use services like https://mxtoolbox.com and do a DNS search on the domain name.
In the following example I’ve done a DNS check on our own domain, ironstoneit.com. The information that you are looking for is highlighted in the red boxes below. As you can see from the screenshot, ironstoneit.com is registered at Loopia AB.
- When you have found the registrar, you need to contact their support and report the abuse/fraud. Most registrars have their own forms for reporting fraud.
Website
Since visiting the fraudulent site might induce a risk to your client, you should never open the website directly to find out where the website is hosted. Instead of opening the site on your client, you can use different online tools to find out where the site is hosted.
- To find out where the website is hosted, you can check the A records of the domain. This will give you the IP address that’s hosting the site. This usually give you enough information to find the hosting provider for the site.
In the following example we have done an A record search on “ironstoneit.com”. It shows us that the IP address behind the domain name is “82.102.5.44”.
Often, but not always, Mxtoolbox will be able to find the owner of the IP address and displaying it directly in the search. When searching for “contoso.com”, mxtoolbox will show us that the IP address is registered with Microsoft Corporation. In this case, you know who to contact.
If the search doesn't reveal who the IP is registered to, you can do an “ARIN” lookup on the IP address. This will give a lot more information about the IP, and often an abuse contact for that IP address. You can try it out here: https://mxtoolbox.com/SuperTool.aspx?action=arin%3a82.102.5.44&run=toolpage
Social media accounts
A fake site is often backed up by several fake media accounts impersonating your brand. It’s therefor important to get the social media accounts shut down.
You can contact some of the most used social media services from the following links:
Search engines
Finally, report the site to the major search engines. You want them to block the fraudulent site and accounts from being displayed in searches.
You can contact the different search engines from the following links:
Other sites
You can also report abuse to sites such as:
- https://www.antiphishing.org/
- https://www.phishtank.com
- https://submit.symantec.com/antifraud/phish.cgi
- https://www.us-cert.gov/report-phishing
Summary
Fighting bandits is never easy, and there's no guarantee that they won’t fake your brand again. In fact, there's no guarantee that the registrar, social media service or hoster will remove the fraudulent site. In most cases, it will take time to get the fraudulent site/account shut down. In reoccurring cases, or especially difficult ones, it’s smart to involve companies specialized in fighting brand thieft and online fraud.
You should consider warning your customers on social media to stay away from fraudulent sites and only visit your official brand site.
Detecting fraud is a difficult task. Often the frauds are reported directly to your organization after a customer is tricked by a fake site. To detect and prevent situations like this, you should use social media monitoring tools to get a comprehensive monitoring and alerting solution that detect and stop profiles impersonating your brand.
While this article isn’t a complete guide on how to stop the bandits from hurting your brand, it should give you a few good tips on where to start!
