How to verify whether a website is legitimate or not?:

martes, 21 de julio de 2015

The Man Putting A Stop To Online Counterfeits

Wigs and Gowns is the UK and Ireland’s definitive guide to fashion law. They provide up to date fashion law news alongside clear and accessible legal information for those working in the fashion industry.

We meet each other through twitter and I was happy enough to speak about the online anti-counterfeit project:


"The Man putting a stop to online counterfeits" does sounds a bit overwhelming, but let's try it :)

So far has catched more than one thousand (active websites) of well known luxury brands. Some of them are being taking down slowly and another ones are still active.

If you would like to know how a fake website for any luxury brand looks like just go to the twitter account to check it out all the data collected.

Online counterfeiting is a major issue for the big luxury brands, is a tool that would help you to spot illegal entities selling counterfeit items online. If you are interested in more proactive ways to spot them you can contact with me.

lunes, 13 de julio de 2015

Top 10 brands more targeted by the online counterfeit

The project help you to spot fake websites either e-commerce or doubtful business models. Within a few weeks with the new anti-counterfeiting feature, the project has unmasked thousands of fake and no official websites trying to deceive incautious users. But to be honest while most sites share some patterns and look doubtful to the average internet user, there are quite a few sites which aparently look reputable and therefore can fool even the savviest of shoppers.

After some days spotting fake and no official websites let´s see, based on the data collected by, the most targeted brands by the online counterfeit.

NOTE: Bear in mind that, for some of them, you can check it out the fake or no official website spotted by looking in: with the following terms:

"Brand to search" #Counterfeit (as in the picture below)

Prada websites spotted with and automatically twetted

Top 10 brands more targeted by the online counterfeit (based on data collected by

With more than 250 live fake websites, Nike; the sports equipment company is one of brands more targeted either with fake only-nike shops or through multi-brand shops.

Ray-ban with more than 238 fake websites is usually targeted with fake shops pretending to be from the official brand.

UGG the American footwear company has more than 75 fake websites pretending to be the official brand.

Michael Kors, the fashion accesories company has more than 67 fake websites which apparently look good, like those appearing on this massive campaign.

Oakley; the sport sunglasses brand has more than 62 fake websites. The fake shops with this brand are tipically found in 3 ways: shops exclusively dedicated to Oakley, shops selling Ray-Ban & Oakley, and shops selling several famous sunglasses brand.

Burberry; the British luxury fashion brand has more 57 fake websites. These fake shops are usually fully dedicated to the brand.
Converse; the american shoe company has more than 52 fake websites either fully dedicated to the brand and shops selling several brands.

Louis Vuitton; the french fashion brand has more than 41 fake websites. This brand is one of the most active and original while fighting the online counterfeiting threat.

Hermes; the french luxury manufacturer has has more than 37 fake websites. Usually the fake websites targeting this brand are fully dedicated to it.

GHD; the manufacturer of hair care products has more than 34 fake websites. All the fake websites are exclusively for this brand.

After the above 10 top ten brands being targeted online by the counterfeiters, we can found plenty more brands affected with slightly less numbers than the previous ones. Below is just a small extract of another random brands targeted by the online counterfeiting threat spoted by

Tag cloud generated with Worditout

sábado, 4 de julio de 2015

El sitio no permite desenmascaramiento automatico, ¿quizá un WAF o bloqueado?

The English translation for the title of this blog article would be something like: The site does not allow automatic unmasking due to either a WAF or being banned.

With the new Anti-counterfeiting features in order to spot fake websites, I came across some websites which the service was not able to analyze because the HTTP response coming from the scaned website returned a 403 code.

A message like to the below picture was then showed:

As the service browse any website just as a normal user would do, there is no reason to block it and not way to discover through the logs that a website is being analyzed by The only way to discover it would be through the IP of the service.

After some checks then I came to the conclusion that the service was being banned by some fake websites in order to not being categorized as such. Such behaviour per se it is a good sign :)

Taking as example the fake website from the picture above: hxxp://

The below message was returned when plain HTTP request was sent from the server:

<head><title>Error 403 - IP Address Blocked</title></head>
<p><center><h1>Your IP Address </h1></center></p>
<p><center><h4><font color="#FF0000">XX.XX.XXX.XX</font></h4></center></p>
<p><center><h3>is blacklisted on the network.</h3></center></p>
<p><center>If you have any question,please contact us with your IP at [email protected] .</center></p>

However, from any other IP, the website was accessed without issues:

Now when a website is blocking the service, a message like the above would appear:

which is pretty similar to the original message but now with a link pointing to this blog article to let you know I am aware of this issue.

While I look for a correct approach to solve it you can overcome it temporarily by accessing directly to the report of the website. In order to do it, you only needs to know the MD5 of the website with services such as:

How to see a report of a potential fake website which can not be scanned with

Method 1 (step by step):

  1. We are unable to analyze a website such as: hxxp:// and as a result we get the above picture.
  2. Then we go to: and we type the full address without the end slash of the website we want to analyze in the md5 input field such as follows:
  3. We copy the resulting MD5 hash which is in red.
  4. We go to and paste the MD5 hash from the previous step:

  5. If the website has been previously analyzed and categorized as either fake or not official it should appear as below:
  6. Then by just clicking on the URL we will have access to the report.

Method 2 (step by step): It is possible the website has been categorized either as fake or not official but it has not been automatically tweeted, then:
  1. Same as method 1
  2. Same as method 1
  3. Same as method 1
  4. Then we go to the URL report directly:
  5.  Example: report url

In some occassions by trying to use the second temporary approach you may receive an application error, this might be due to the website has not been analyzed yet.

For any doubt you can either contact me or comment on this blog article.