6 Examples of the Evolution of a Scam Site

Examining some key examples of recently found fraud sites that target the lucrative retail shoe industry helps us understand how brand impersonation sites evolve.

Photo of woman typing on laptop in the background while a yellow caution sign in the foreground warns of fraud
Source: Kannapat via Adobe Stock

Fraudsters are getting more sophisticated about how they set up and make adjustments to brand impersonation scam sites — not just for phishing, but for all kinds of consumer fraud. A recent analysis by security researchers at Allure Security illustrates how brand impersonation sites are born, how they progress, and the evolutionary steps that fraudsters are now taking to unleash a fully realized scam site.

The analysis was conducted on a cluster of 103 sites the researchers discovered at the tail end of 2022 that primarily focused on shoe brand companies. They found an interesting new trend among these sites that differed from the typical brand impersonation. Whereas most impersonation sites are built out of the box to closely mimic the brand they're copying, these new sites did not.

"We hunt for online impersonations of businesses on behalf of brands that hire us. So as a part of our work we started to find impersonations of one of our customers, a running sneaker company, that evolved in a way we hadn't seen before," said Josh Shaul, CEO of Allure Security. "Usually what we would see is somebody put up a website that looks just like the running sneaker's website or similar enough, with just their branding all over it, but this was different."

At the time of discovery, the lookalike domains had been purchased recently, and in the first few days of existence they looked like generic shops, all of which were built around a very common retail website template. Over the course of 10 days to just a couple of weeks, the sites began to evolve. Within a few weeks, they were redesigned to become a full impersonation.

"As we started to dig deeper and look for more, we realized this wasn't something that was just happening to one of our customers," Shaul says. "This was happening to lots of brands."

Dark Reading worked with Shaul to discuss examples of this process. They illustrate this latest evolution of an impersonation scam site using screenshots, reveal the motives for this process, and uncover the potential fraudulent schemes that their creators could be using these sites to carry out.

About the Author

Ericka Chickowski, Contributing Writer

Ericka Chickowski specializes in coverage of information technology and business innovation. She has focused on information security for the better part of a decade and regularly writes about the security industry as a contributor to Dark Reading.

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights