A few days ago we wrote about a new fake online shop: 365games.es
This online store was sent to us by a user and the truth is that it was so well designed that it cost us to know if it was fraudulent or not
tricks that use fake online shops
So let’s tell you the steps we took to find out what was a fake store and the tricks that cybercriminals used to pass it through a real store.
If you entered the web you have SSL enabled. It is the first thing we look at to identify them. This had it installed so we kept looking.
The prices were not excessively low so I could go through a real store. In fake shops, prices tend to be very low. We speak that in some there are products of more than € 1000 that sell for less than € 100.
Apart from the SSL, the page was mounted with a WordPress and Woocommerce (added to WordPress that turns it into an online store). A pretty good solution for an online store and that is used by many. Usually fake online stores usually use their own CMS. So on this side if the web was correct.
You have a contact email in the domain of the web: firstname.lastname@example.org. In other online stores that data does not exist or directly if a contact email comes out it is usually a very strange email that does not belong to the web.
The truth is that in this the web was very well mounted. Apart from bank transfer you have Paypal and card payment. So this part was correct.
Notice of cookies
It may seem silly but having the cookie warning installed (98% of the fake stores do not have it) shows that the person who wanted to make the scam had created everything correctly.
Tricks of the fake shops
But here we have come to talk about the tricks used by fake shops. What they do to make the visitor believe that this is a real store and not a fraudulent shop.
This is one of the parts that set off the alarms. If you go to the payment section you will see a very curious trick.
If you look at the image the cybercriminal had been very clever. If you paid with a card or with Paypal (which I imagine you would use Paypal for these 2 options) I put a charge of a percentage on the purchase. That in some of the products 15% is money. In a product of € 1000 are € 150. So the buyer to save that commission used the bank transfer. That’s a mistake because if there are problems then you can not protest to anyone.
What the cyberdelicuente or “swindler” did not think is that in the data you have signed and as soon as they start to pull the thread they find it right away. A very clever trick.
We do not recommend making the payment by bank transfer since if you pay by card or Paypal the card charge can be canceled and in PayPal if there is something fraudulent you usually return the money. That’s why we always insist that you check if the store has Paypal or not.
That we know the web is denounced by several people. If it is still operational, it is because the police or the civil guard wait for the amount of the scam to be a minimum of money, thus ensuring that the “swindler” does not get out.
In the case of people who have paid by bank transfer, it will be quite difficult to recover the money.
So I hope that this article about the tricks used by fake online stores will help you to look a little more next time and avoid being cheated.
Photo by rawpixel on Unsplash