Widespread Brand Impersonation via Typosquatting

There has been a proliferation of scams targeting 100+ popular clothing, footwear and apparel brands. Malicious actors are seeking to use search engine optimization (SEO) to manipulate internet search results, positioning their look-alike domain names at the top of the results in an attempt to drive victims to malicious websites. Typosquatting refers to the registration of look-alike domains that use commonly typed misspellings or slight variations of legitimate domains. Unsuspecting customers who don't realize that they have landed on a spoofed site enter their personally identifiable information (PII), such as their email address, login information and credit card details, only to have that PII stolen. For more information, including a list of brands impacted by this campaign, please see the following Bolster blog post.

A common tactic in this campaign is to use a brand name followed by a random country name, such as puma-shoes-singapore.com.

Recommendations:

  • Avoid clicking links or typing URLs (as you may make typing errors). Instead, use bookmarks (favorites) to visit sites.
  • If typing URLs, always double-check that you have correctly typed the site address/URL. 
  • Never click unexpected links in messages, even when they’re from known senders.
  • Be attentive to subtle differences in URLs, such as character substitutions, misspellings or a domain name change.
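
For teams that review proxy or DNS logs, the same checks can be automated. The sketch below is an added example, not code from this advisory or from Bolster; it flags the brand-plus-country pattern described above and goes beyond it to cover the character substitutions, misspellings and domain changes named in the recommendations. The brand list, country list and substitution map are assumptions constructed for illustration.

```python
import re

# Assumed inputs, constructed for this example: protected brands with their
# legitimate domains, a few country names, and look-alike character swaps.
BRANDS = {"puma": "puma.com", "nyu": "nyu.edu", "google": "google.com"}
COUNTRIES = {"singapore", "canada", "australia", "ireland", "mexico"}
SUBSTITUTIONS = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})


def edit_distance(a, b):
    """Levenshtein distance between two short strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(domain):
    """Return why a domain looks like a squat on a known brand, or None."""
    domain = domain.lower().rstrip(".")
    for legit in BRANDS.values():
        if domain == legit or domain.endswith("." + legit):
            return None  # the real domain or one of its subdomains
    tokens = [t for t in re.split(r"[-.]", domain.rpartition(".")[0]) if t]
    for brand in BRANDS:
        if brand in tokens:
            if COUNTRIES & set(tokens):
                return f"{brand}: brand name combined with a country name"
            return f"{brand}: brand name under a different domain"
        for tok in tokens:
            if tok.translate(SUBSTITUTIONS) == brand:
                return f"{brand}: character substitution"
            # Skip very short brands: one edit from "nyu" matches too much.
            if len(brand) >= 5 and edit_distance(tok, brand) == 1:
                return f"{brand}: misspelling"
    return None


if __name__ == "__main__":
    # Constructed sample, e.g. domains pulled from proxy or DNS logs.
    for d in ["puma-shoes-singapore.com", "g00gle.com", "gooogle.com",
              "www.google.com", "example.org"]:
        print(f"{d:28} {classify(d) or 'ok'}")
```

Two swapped letters count as two edits under this distance, so transposition typos are not flagged by the misspelling check.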

Spot Typosquatting:

[Image: examples of NYU-related typosquatting domains]

[Image: examples of Google typosquatting domains]