27.05.2024

Secure payment for goods and services online

The development of e-commerce is not painless for many Internet users. Schemes to defraud customers of online stores are often based on registering a domain (https://internet.am/en/) that is very similar to the domain name of a real store.

This can be done by adding a dot to the name: from myonline.domain we get my.online.domain.

Or by replacing a letter: example.domain becomes exanple.domain, which may not be noticed immediately.

In a number of zones, it is possible to use a Cyrillic letter in a domain name whose other letters are all Latin. In this last case, you need to be especially attentive to the subdomain. For example, for the domain example.one.domain, the zone registrar may prohibit the use of a non-Latin letter in the name one.domain, but the owner of this domain can independently register the subdomain example.one.domain in which the Latin letter a is replaced with the Cyrillic letter а. In subdomains of a domain name in the .am zone, an attacker can replace the Latin o and u with the Armenian օ and ս. According to the domain policy of the .am and .հայ zones, this is prohibited, and if such a fact is revealed, the domain is revoked. An attacker can still make such an attempt.

Such domains are called “doppelganger domains”, and the method for creating them is “typosquatting”.
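A defender-side check for the three tricks described above (a moved dot, a swapped letter, a look-alike letter from another alphabet), as an added example that is not part of the original article. The allow-list and the function names are assumptions; the sample host names are taken from the article's own examples.

```python
import unicodedata

# Constructed allow-list: the real stores you shop at (names from the article's examples).
KNOWN_GOOD = ["example.domain", "myonline.domain", "example.one.domain"]

def label_scripts(label):
    """Scripts used by the letters of one label, from the Unicode character name prefix."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0] for ch in label if ch.isalpha()}

def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def check_host(host):
    """Return a list of reasons why host looks like a doppelganger of a known store."""
    host = host.strip().lower().rstrip(".")
    try:
        host = host.encode("ascii").decode("idna")   # show xn-- labels as Unicode
    except UnicodeError:
        pass                                          # already Unicode, or not valid IDNA
    if host in KNOWN_GOOD:
        return []
    reasons = []
    for label in host.split("."):
        found = label_scripts(label)
        if len(found) > 1:                            # e.g. Latin mixed with Cyrillic or Armenian
            reasons.append(f"mixed scripts in '{label}': {', '.join(sorted(found))}")
    for good in KNOWN_GOOD:
        if host.replace(".", "") == good.replace(".", ""):
            reasons.append(f"same letters as {good}, dots moved")
        elif edit_distance(host, good) == 1:
            reasons.append(f"one character away from {good}")
    return reasons

if __name__ == "__main__":
    for h in ["example.domain", "my.online.domain", "exanple.domain", "ex\u0430mple.one.domain"]:
        print(h, "->", check_host(h) or "no findings")
```

A label written entirely in one non-Latin script is not flagged by the mixed-script test, since that is how legitimate internationalized names look.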

Having created such a domain, the attacker builds a website that repeats the design of the real online merchant's website down to the smallest detail. The attacker then begins attracting users to the fake online store. The simplest way is to send spam advertising the fake store, quoting super low prices for goods and promising winnings and prizes.

A potential buyer, attracted by the opportunity to get a good deal, may well visit the fake store, leave all his credit card information there and, ultimately, lose all the money on his credit card and, as a bonus, not receive the ordered product.

What should you do to avoid becoming a victim of a scammer?

To identify the most primitive attackers, it is enough to notice a couple of spelling errors in the text, the absence of store details, and unusual phone numbers.

Carefully examine the padlock in the upper left corner of the browser address bar to see whether it is there and who issued the SSL certificate (see the article all about the SSL certificate). If the site has a self-signed certificate, you should immediately check the status of the domain on the Google service https://transparencyreport.google.com/safe-browsing/search?url=name.am&hl=en.

The method of delivery of the goods is also suspicious if the only option is delivery by courier.

A good indicator can be the age of the domain, which can be checked at https://www.duplichecker.com/domain-age-checker.php. If a store’s website presents itself as old, and its domain is only a month old, then this should raise reasonable suspicions.

A good tool for checking the reputation of a store can be the Internet Archive, https://web.archive.org/. By typing in the URL of a site you can see the history of this site. It’s a good idea to call the numbers listed on the website: a simple dialogue with the seller can provide additional valuable information about the store.

By visiting the website https://mxtoolbox.com/ you can check your email address and identify possible errors. For details, see https://internet.am/blog/en/posts/resource-record/.

But attackers can hack a real website and install their spyware there, which will read your card data. To prevent large losses, it is important to have one dedicated credit card for online trading, to which you transfer money from your main card before purchasing. In this case, even if there is fraud, your losses will not exceed the amount transferred to the card for online trading.
