Luxury & Fashion brands; be aware of the online counterfeiting!:

miércoles, 24 de febrero de 2021

Rogue websites: Domain registrars have a duty to disconnect

This is quite a controversial topic thus this post is a placeholder for law/GDPR related articles on this topic.

Article 1)

"The German BGH decision confirms that domain registrars have a duty of care to disconnect domains used by websites dedicated to copyright infringement. It is interesting that the BGH did not see domain registrars as access providers, but still applied the duties of care for access providers to them. This needs to be welcomed as a clarification of open legal issues not only in Germany. That said, it would have been good if the BGH had referred some of the open EU law questions to the CJEU. We will have to wait for another day for a final decision on Union law." 
Rogue websites: Domain registrars have a duty to disconnect, says German BGH. Decision available in German.

Article 2)

The General Data Protection Regulation (GDPR) was adopted by the European Union (EU) and took full

effect on 25 May 2018. Which are the effects to its policy?


lunes, 17 de agosto de 2020

Would you say this website is legitimate or FAKE?

 With I come across the website as in the picture below:

Fig 1: Section of the main site

The web address is like: https://$ ( I have masked the brand purposely )

The domain will expire in 73 days since today as per the 2 pictures below:

Fig 2: Domain tools information about domain 

Fig 3: Information provided by about the domain

With just the above information would you say such website is legitimate or fake?.

Hint: Nowadays it´s not so easy to differentiate FAKE websites among legitimate ones.

lunes, 3 de agosto de 2020


The U.S. Federal Bureau of Investigation (FBI) today warned of an increased number of reports coming from victims of online shopping scams. 
This is an increasing fraud since few years ago. In 2017 I wrote the paper "Tracking online counterfeiters" and the above FBI alert just highlight what we already knew a while ago.
With the service I usually receive complains of users who have been lured online. The last example, I have this email in my inbox:

Usually the tips I give to users who write me are:
  1. Fill in a complaint into the nearest LEA office. Also if you are US based you can fill in a complain online here. If you are based in Europe, you can report it here.
  2. Before making any purchase online, verify into the website you are in front of. Still in doubts, you can just ask us.

In the above case, when I tried to analyze the website warned by the user, I noticed that the website had just been analyzed (minutes ago) into and to my surprise, it was automatically flagged as "Fraudulent!!"

Therefore, my advice to anyone online, before making any purchase online, you can either try to follow all the "FBI tips to avoid being victimized" or simply just type the web address of the website into and in a few seconds you will know whether is fraudulent or not.

lunes, 13 de abril de 2020

Fraudulent websites examples to lure online users

COVID-19 crisis is driving the global growth of e-commerce sales, with millions of citizens worldwide in quarantine shopping for goods online. Online fraud has always been there, but it is specially at the current time when everyone should be fully aware. 

In order to raise some light how these fraudulent websites looks like, below you can find a small extract of real examples of fraudulent websites targeting famous brands but also common goods. All those fraudulent websites were captured and flagged with and online tool to help you know whether a website is legitimate or not.

If any good is purchased through any of those websites or any other similar, 3 things could happen:

  1. You will not receive any good at all.
  2. You will not receive any good at all and your credit card information and personal data might be stolen
  3. You will receive goods but will be fake and low quality 

Screenshots of fraudulent websites. If you are a brand owner and would like to remove you brand from these list just let me know. This content is just to raise awareness of fraudulent websites trying to lure online users.

Fig 1: Counterfeit-related website targeting KN95 respirators face masks

Fig 2: Counterfeit-related website targeting the Adidas brand

Fig 3: Counterfeit-related website targeting Agatha Ruiz de la Prada brand

Fig 4: Counterfeit-related website targeting the Aldo brand

Fig 5: Counterfeit-related website targeting the Armani brand

Fig 6: Counterfeit-related website targeting the Asics brand

Fig 6: Counterfeit-related website targeting the Calvin Klein brand

Fig 7: Counterfeit-related website targeting the CAT brand

Fig 8: Counterfeit-related website targeting the Clarks brand

Fig 9: Counterfeit-related website targeting the Converse brand

Fig 10: Counterfeit-related website targeting the Desigual brand

Fig 10: Counterfeit-related website targeting the Dr Martens brand

Fig 11: Counterfeit-related website targeting the ecco brand among others

Fig 12: Counterfeit-related website targeting the Giuseppe Zanotti brand

Fig 13: Counterfeit-related website targeting the Golden Goose brand 

Fig 14: Counterfeit-related website targeting the Hogan brand among others

Fig 15: Counterfeit-related website targeting the Hugo Boss brand

Fig 16: Counterfeit-related website targeting the Hunter brand

Fig 17: Counterfeit-related website targeting the Kipling brand

Fig 18: Counterfeit-related website targeting the Moncler brand

Fig 19: Counterfeit-related website targeting the New Balance brand

Fig 20: Counterfeit-related website targeting the Pandora brand

Fig 21: Counterfeit-related website targeting the Pepe Jeans brand

Fig 22: Counterfeit-related website targeting the Petzl brand

Fig 23: Counterfeit-related website targeting the Reebok brand

Fig 24: Counterfeit-related website targeting the Saucony brand

Fig 25: Counterfeit-related website targeting the Skechers brand

Fig 26: Counterfeit-related website targeting the Supreme brand

Fig 27: Counterfeit-related website targeting the Timberland brand

Fig 28: Counterfeit-related website targeting the Tommy Hilfiger brand

Fig 29: Counterfeit-related website targeting the UGG brand

Fig 30: Counterfeit-related website targeting the Under Armour brand

Fig 31: Counterfeit-related website targeting the Vans brand

Fig 32: Counterfeit-related website targeting the Vibram brand

Fig 33: Counterfeit-related website targeting the Football brands

Fig 34: Counterfeit-related website targeting several toys brands

Fig 35: Counterfeit-related website targeting several Sun Glasses brands

Fig 36: Counterfeit-related website targeting bathroom goods brands

Fig 37: Counterfeit-related website targeting kitcheen goods brands

miércoles, 29 de enero de 2020

Counterfeit finally posing as a national security threat for US

The U.S. Department of Homeland Security´s Office of Strategy, Policy, and Plans on Friday released a 54-page report to the president on "Combating Trafficking in Counterfeit and Pirated Goods", promising to strengthen scrutiny, enforcement and punishment to tackle what it calls a rising problem in e-commerce.

We´ve been warning about this fraud long time ago, even before of publishing the SANS paper "Tracking online counterfeiters". is our online service to help both: consumers and brands against this illicit business plaging Internet. Finally it seems this illicit business will have the attention required. As we said in Spanish: "Nunca es tarde si la dicha es buena".

The report contain metrics about the problem whose many of them are extracted from a OECD report I had already pointed out months ago. Nothing new about the landscape of the counterfeiting trafficking landscape and some key problems identified. In contrast, the interesting part of this report is the section 7. Immediate Action by DHS and Recommendations for the USG:

Times are turning interesting on this area, let´s see what´s coming with the implementation of these strong actions. Stay tuned.

martes, 21 de enero de 2020

Worldwide Fake North Face campaign of websites hosted under plenty of TLDs

                    ".ch, the most secure top level domain (TLD) in Europe."                                

The above sentence might be true. The proof?

Just take a look to this FAKE campaign of a single actor targeting multiple worldwide TLDs except .ch. The reason?. Likely to have a higher lifetime = profit. 

They know that if they set up the FAKE webshop under .ch, this TLD is being actively monitored for this type of fraud hence the chances to be detected and take down the webshop would increase. Best course of action? - to avoid it.

Few examples of FAKE webshops under random European countries:

FAKE Polish webhsop (https://

Fake Spanish webshop (https ://

Fake German webshop (https ://

Fake Italian webshop (https ://

    But it is not about Europe. This FAKE campaign targeting this specific brand is worldwide: 

    Passive DNS information.

    Just an observation from the timing of the FAKE domains registration, you can see that the bad guys also have Christmas holidays. There is no activity observed between December 18th and January 8th :) just do one thing but we do it with a laser-focus approach: we do detect and flag online counterfeiting (and fraud) related websites as the above ones for hundreds of different brands targeted by counterfeiters.

    We are collecting the most comprehensive dataset of counterfeit-related webs with two simple goals in mind: 
    1. To provide a free service for online consumers to avoid them being scammed.
    2. To provide a commercial service to brands affected, payment platforms, ISPs and domain registers. 
    The ultimate goal is to stop this massive online fraud. If you are interested just contact with me.