Online Buyer Beware: E-Commerce Fraud Is Getting More Sophisticated
The term Cyber Monday was coined only about five years ago -- but that day of frenzied online shopping, coming on the heels of the Thanksgiving holiday weekend, is already a major part of U.S. retail sales culture. The National Retail Federation estimates nearly 107 million Americans shopped on Cyber Monday this year -- up about 10% from 2009. And an NRF survey released before Thanksgiving reported more than 88% of retailers were planning special Cyber Monday promotions.
It's probably no coincidence, then, that the feds made a major announcement on Cyber Monday: They had seized 82 domain names of commercial websites they allege were engaged in the illegal sale and distribution of counterfeit goods and pirated copyrighted works.
According to a Department of Justice statement, the operation targeted bogus online retailers dealing in a wide spectrum of counterfeit goods, ranging from clothing and fashion accessories to sporting equipment, DVD sets, music and software. "By seizing these domain names, we have disrupted the sale of thousands of counterfeit items, while also cutting off funds to those willing to exploit the ingenuity of others for their own personal gain," said U.S. Attorney General Eric Holder
According to the Justice Department, a lot of the counterfeit goods were shipped from suppliers in other countries directly into the U.S. via international express mail.
Cyber-Criminals Can Sucker Even Savvy Users
It's not just retailers and intellectual property-holders being hurt by fraudulent online sites. "I would bet 5% of the websites being accessed [by consumers on Cyber Monday] are not legitimate," says Paul Bauer, chair of the Department of Business Information and Analytics at the University of Denver's Daniels College of Business.
Internet criminals have become amazingly sophisticated, he says -- even fooling people who consider themselves web-savvy when it comes to online shopping.
Bauer offers himself as an example. About a year ago, he was making his mortgage payment online. "Within five minutes of paying it," he remembers, " I get back this email saying there was a problem with it; would you please click here. And I did, initially. But then I went, wait a minute -- that didn't come from [my bank]. In fact, I checked the IP address, and it was not from [the bank]. Somebody was monitoring their website close enough -- sitting on a router somewhere on the Internet -- that they were then able to send back that email. I damn-near fell for it."
Online fraudsters also set up up their fraud sites with Web addresses very similar to those of legitimate e-commerce sites, counting on the fact that consumers often mistype URLs. Another scheme is to redirect online shoppers to such bogus sites.
"They can set up the same level of security with certificates, so everything will look legitimate," says Bauer, "but the fact is that you aren't where you thought you were, [and that] exposes you to credit card theft."
The best thing online consumers can do is remain vigilant to potential fraud and watch where they shop. "Buyer beware," says Bauer. "There are bad guys out there, everywhere, trying to take your money. We haven't been able to design [the Internet] to shut that down completely. But this bust, taking away 82 domains, is a step in the right direction."