How to Take Down a Fake Website

The continuous rise of fake websites presents a significant challenge for companies around the world. By the end of 2022, the internet saw a 25% increase in fake websites over a two-year period, with 2023 seeing a new fake website emerge every 11 seconds, according to Dataprot.net. The growing sophistication of scammers, armed with advanced tools and technologies, has transformed the internet into a battleground for brands attempting to protect their identity and reputation. In this landscape, the question of how businesses can effectively eliminate these fraudulent sites permanently is more relevant than ever.

In this article, we’ll share the latest strategies for identifying, reporting, and removing fake websites, so your brand can preserve its integrity and protect the customer experience.

Domain name squatting, or cybersquatting, is the practice of registering well-known companies as internet domains with the intention of creating a fake storefront that scams honest consumers. Cybersquatters are looking to capitalize on the reputation of a popular brand in the hopes that their loyal customers won’t notice the minor differences in the fake shop’s setup. Some cybersquatters also attempt to sell the domain back to the legitimate company at a higher price for profit.

Domain squatting can take many forms, including:

• Typosquatting, also known as URL hijacking, cybersquatters register domain names that are misspelled versions or typographical errors of popular brand names or legitimate websites. This approach targets shoppers who accidentally mistype a website into their web browser and end up landing on the scammer’s fake copycat site. Typosquatting is also often combined with business email compromise (BEC) scams and ransomware campaigns, relying on unsuspecting recipients not noticing a one or two character different from the legitimate brand’s domain in a sender’s email address or a link they are asked to click.
• Combosquatting, also known as level-squatting, is a sophisticated form of cybersquatting that involves registering domain names that combine a well-known brand name with additional words or phrases. Unlike typosquatting, which focuses solely on imitating or misspelling a brand’s name, combosquatting adds extra terms to the brand name to create a domain that appears credible for specific uses or offers. For example, if “Hilton” is the brand name, a combosquatting domain might be “hiltontravelrewards.com” or “hiltontravelpoints.com”. This technique can be particularly deceptive because the domains often suggest a legitimate association with the brand, potentially for specific services, promotions, or regional operations. The most common combosquatting keyword is “support.”
• Homograph squatting or homograph spoofing are fake websites registered with domain names that visually resemble those of established, trustworthy sites. This technique leverages the fact that many characters in the Unicode standard look alike but are represented by different code points. For example, the Latin alphabet letter “a” and the Cyrillic alphabet letter “а” appear identical to users but are recognized differently by computers.
• Soundsquatting exploits the similarity in the pronunciation of domain names. The registered domain names sound similar to legitimate, well-known websites but may have different spellings or use homophones — words that sound the same but are spelled differently. The aim is to create confusion or trick shoppers into visiting these malicious sites instead of the intended, legitimate ones.
• Bitsquatting is a sophisticated and less commonly known cybersecurity threat that takes advantage of random bit errors in hardware to register domain names that are a single binary digit (bit) different from legitimate, well-known domain names. This type of attack leverages the natural occurrence of bit flips — scenarios where a bit changes state from 0 to 1, or vice versa, due to various causes like cosmic rays, electromagnetic radiation, or hardware faults. When a bit in the domain name stored in a computer’s memory flips, it could lead to the browser being directed to a bitsquatted domain rather than the intended website. For instance, if the legitimate domain is “example.com,” a bitsquatted variant could be “exqmple.com,” where a single bit difference in the ASCII representation of “a” and “q” leads to the altered URL. Attackers register bitsquatted domain names hoping to intercept unintended traffic from these rare but inevitable errors. 
• Level squatting targets mobile users by exploiting the limited display width of a browser’s address bar on smartphones. In this scheme, attackers craft URLs that, due to space constraints, appear legitimate at a glance. For example, they might use a URL like order.drinkolipop.com.fdmtwjk.k8pfau04.xyz. Since mobile browsers often can’t show the full URL, the fraudulent segments remain hidden, leading users to believe they’re visiting a genuine site. This tactic allows scammers to redirect users to malicious sites without their knowledge, leveraging the truncated display to mask the URL’s true destination.
• Social media brand jacking happens when fraudsters impersonate an official brand’s communications with ads that mislead customers into visiting counterfeit websites (which are set up using one or several of the previously mentioned methods).

Scammers may use various tactics to leverage their fake websites for evil, all of which aim to scam honest consumers out of their hard-earned income, steal personal information for resale, or both. Here are some popular approaches:

• Phishing websites mimic the design of authentic brand sites to steal personal information like addresses, financial data, and other personal details.
• Scam websites offer unrealistic rewards to swindle money or data.
• Fraudulent eCommerce sites or marketplaces sell non-existent or counterfeit goods. Consumers provide payment information and end up getting nothing in return, or a cheap knockoff of a luxury good.
• Malware distribution sites infect devices with malicious software that extracts the consumer’s personal data.

Every variety of counterfeit website aims to exploit specific vulnerabilities, be it a user’s trust, their search for appealing deals, or their investment aspirations. With the evolution of AI and machine learning, fraudsters are leveraging generative AI to craft more sophisticated and convincing fake sites that can evade conventional detection strategies. Innocent victims are also being duped by realistic-looking scam websites at an alarming rate, as reported in our 2024 Fraud Trends guide. This development makes it increasingly challenging for brands to detect and eliminate fraudulent websites.

As fake websites continue to accumulate in droves, it might be helpful to consider an automated solution like Red Points. They can take down counterfeit sites at scale, helping to protect your revenue, brand, and customers. If you’re just beginning your takedown journey, here are some steps to take to eliminate copycat websites:

• Send a cease and desist letter to the site admin, domain registrant, CMS platform, and server host.
• Report the fraudulent website to domain registrars. Use ICANN or a similar service to find out website owner details.
• Notify the payment processors of fraudulent activities on any fake websites you discover. If you can capture screenshots of fake listings or customer disputes — any evidence of fraud — this will help your case.

Report the site to Google via their Report a Phishing Page. This helps get the site de-indexed from search results.

Over the last five years, phishing attacks have grown at an alarming rate. Between 2019 and 2020, the FBI’s Internet Crime Complaint Center indicated that phishing incidents nearly doubled in frequency, leading to billions in losses worldwide. And most recently, phishing has been reported as the number one threat to merchants in 2022 and 2023. Phishing tactics are diverse, with schemes that target consumers as well as businesses. 

Merchants have a responsibility to keep their devoted customers safe while shopping their online store. They also have an opportunity to create customer loyalty and increase trust during the process, which plays a massive role in influencing buying patterns. According to the Edelman Trust Barometer Report, 81% of shoppers say brand trust is a deciding factor or deal breaker when it comes to considering a purchase. Here is what you should be telling customers when it comes to spotting a fake website or fraudulent copycat:

• Inspect the URL for any misspellings or incorrect domain names that could indicate a fake site. If you’ve caught a copycat website before, share the example in your communications with customers so they can be aware not to shop at the fake shop.
• Look for essential security indicators. HTTPS and the presence of a padlock icon in the address bar can signify a secure connection. Tell customers that sites without these elements should not be trusted and that your site will always have these features to ensure safe shopping.
• Be cautious of unexpected requests for personal information that a legitimate eCommerce site would not require. Share how your store and team will communicate such requests so customers know who to trust. Also, highlight which communication channels your company uses. If there are fake social media or customer support accounts, flag them so customers know not to go through these channels.
• Be cautious of offers that seem too good to be true. This advice is a big one that our Anti-Fraud Squad emphasizes when it comes to combating eCommerce fraud. Deals that seem too good to be true, usually are. They’re designed to entice eager or budget conscious shoppers, who end up realizing the original offer was implausible in hindsight. 
• Consider customer feedback beyond what the site lists. Fake sites can be filled with fake reviews. It’s also a huge red flag if there is an absence of reviews or a predominance of negative feedback. Advise customers to do a Google search of the website. The query “Is [WEBSITE URL] fake” can be effective in finding out if you’re dealing with a fake shop. Getting scammed is infuriating, and victims will talk, whether it be in social posts or in forums like Reddit; running a quick search is an easy way to find out which brand is authentic and which isn’t.

By arming your customers with these insights, you play a vital role in not only protecting them from potential scams but also in safeguarding your brand’s reputation and the trust you’ve worked hard to establish. Understanding the landscape of online threats, identifying fake websites, and knowing the channels for reporting and removing these sites are pivotal steps in maintaining the integrity of your brand and the security of your customer base.