Imposter Retailers Outnumber Legitimate Ones
Are you ready for the extreme online shopping season! While you can purchase items online anytime, holiday e-commerce sales reached $126 billion last year with Cyber Monday online purchases generating $7.9 billion alone — making it the biggest sales day in US e-commerce history. That is great for the economy but then there are those unsavory characters lurking on the internet with copycat retailer sites also known as typosquatting domains that are using fake Transport Layer Security (TLS) certificates representing themselves as a safe and secure shopping site. The bad news is there are four-times as many of these fake malicious, lookalike sites as authentic retail domains. If a site uses Let’s Encrypt be wary — this is like a diploma mill for phishers who want SSL certificates. How can you know if you have landed on an imposters site? It’s tough. These scammers use sophisticated techniques carefully mimic logos, color schemes, other aspects of branding, and even the functionality of the real site. And now they can hide in plain site under the wolf’s clothing thanks to these free TLS certificates. However, technology can help. If you use a password manager they are able to detect the sneaky and subtle URL tweaks we have trouble spotting.