Copycat websites set to rob Christmas shoppers of millions - Times Online
Just a heads upOnline shoppers are at risk of losing money or becoming victims of fraud if they buy from scam or “copycat” websites this Christmas.
Experts are warning consumers to be on their guard after an increase in copycat websites of high street stores that look legitimate. There is also a proliferation of “bargain” websites selling counterfeit items or goods that fail to arrive. Many of these websites appear safe, with encrypted web pages and logos of secure payment services such as PayPal.
Ross Anderson, an online security expert at the University of Cambridge says: “It’s easy enough to create copycat sites. At the end of last month there were at least ten dodgy ‘Littlewoods sites’.” Neither Trading Standards nor the Office of Fair Trading has the power to close down a dodgy website, and the police’s e-crime unit refused to tell Times Money whether it had taken action against any retailers.
Sarah Kidner, of Which? Computing magazine, says: “Hundreds of websites ripping people off flourish because there is no effective policing online.” Here Times Money explains how to shop safely this Christmas.
s Kidner says it is easy for copycat websites to copy and paste the logo of a high street store. The Marks & Spencer, Topshop and John Lewis sites, for example, all allow this easily.
“Domain names that slightly misspell a shop’s name can be bought for as little as £7. These would be used to build a fake site in the hope that someone accidentally misspells the web address when typing it in the address bar,” she says. “The logo of a payment system such as PayPal can be pasted on to add credibility to a site and to make it appear secure.”
Harriet Homuth, a Times Money reader, bought two tops in August from a website that looked like the Abercrombie & Fitch site — www.aber crombiestore.co.uk — which had the PayPal logo. Her items never arrived. The real site is www.abercrombie.com; the fake one has been taken down. PayPal says that it had nothing to do with the site.
A quick Google search reveals at least four similar sites still up and running, including www.abercrombie fitchshop.co.uk and www.fitchabercrombie.com. A spokesman for Abercrombie & Fitch says: “We have no association with these websites and we have shut them down on numerous occasions. They are registered by Chinese nationals on web servers in protected countries. They pop back up quickly after being shut down.”
Ms Kidner adds: “Victims of copycat websites are likely never to receive their goods. Worst-case scenario, fraudsters will use their credit or debit card details to empty their bank account.”
The easiest way to lure a victim on to a copycat website is via a phishing attack, when an e-mail invites someone to click on a link, perhaps to confirm an order or to update their details. Traditionally, this has been a problem for banks, but retailers are targeted increasingly as well.
“People are more careless and more easily phished when their accounts are with non-banks — eBay is a big target and Amazon,” says Mr Anderson.
Kate Fisher, 54, received an e-mail recently purporting to be from the fashion store Great Universal, asking her to click on a link to “confirm an item in your shopping basket”. Ms Fisher, who lives in Lurgashall, West Sussex, had never shopped at Great Universal. She did not click on the link, but rang the store to ensure that an order had not been made. The e-mail was a phishing attack that would have taken her on to a fake website; it has now been taken down.
It is also possible for your computer to be corrupted by a “pharming” attack, when you type a legitimate website address into your browser and still end up at a fake site. Tony Neate, of GetSafeOnline.org, says: “Check the address in your browser’s address bar to make sure that it matches the address you typed. Subtle changes (‘eebay’ instead of ‘ebay’, for example) may indicate a pharming attack.” The best way to guard against such attacks is to install anti-spyware software, as well as anti-virus software and a firewall.
Scams and dodgy sites
Shoppers looking for a bargain, or a particularly niche present, are most likely to fall victim to a dodgy website.
Consumer Direct receives thousands of complaints about Ugg boots and designer handbags bought at “bargain” prices online that either never arrive, or are counterfeit goods. Rebecca Farrell from Manchester fell victim to an online scam recently when she signed up for dieting tablets from viv3labs.helpserve.com. She was told that a trial of the pills would cost only £1, but to her horror she later discovered that two debits of £76.73 each had been taken from her bank account. She says: “I spoke to Trading Standards who told me this practice is illegal and it is unlikely that I will get my money back.” The site did not respond to calls or e-mails from Times Money.
Fraudsters often have poor English and dodgy websites can be littered with spelling and grammar errors. “Many phishing and spoof websites originate in foreign countries and are written and programmed practically overnight,” says Phil D’Angio, of VeriSign, the online security service. If a website name is prefixed with https:// it means that the site is encrypted, so the information you enter is secure. Also, make sure that the padlock appears in the browser interface rather than in the content of the page itself.
Problems with legitimate sites
The potential problems when buying online are manifold, from goods not arriving to poor after-sales service and not being given a refund.
Steve Langdown, from Newcastle upon Tyne, bought a Samsung home cinema system last month from Pixmania: The one-stop shop for great deals. He says: “It clearly stated on the website that the system came with an iPod dock. Well, it didn’t and there are no obvious ways to connect an iPod dock. I have received no satisfactory responses to my e-mails and the product description on the website has removed the reference to the iPod dock.” Pixmania did not respond to Times Money’s e-mails and the company’s call centre, based in the Czech Republic, was unable to comment.
Consumer Direct told Times Money that Mr Langdown’s rights under the Sale of Goods Act apply; ie, that goods must be as described, fit for purpose and of satisfactory quality, and he, therefore, has the right to claim a full refund. However, many people find it impossible to enforce their consumer rights.
Sara Gibson, from Abingdon, Oxfordshire, was looking for a present for her sister — a Sony Freeview recorder — and the lowest price she found was online at Total Digital - The Home of Audio Visual Entertainment. The recorder arrived, but it broke a month later. Total Digital sent her a new one, but Ms Gibson said that it smelt of cigarette smoke and there was dirt around the buttons, so she sent it back and requested a refund, which she never received. Total Digital, the internet arm of Premier Audio Visual Centre, told Times Money that it had never received the Freeview recorder that Ms Gibson sent back, but agreed as a gesture of goodwill to issue a refund.
Before buying anything from a website for the first time, google the site and look for problems experienced by other users on consumer forums. If you have problems with a product bought online, call Consumer Direct for advice on 08454 040506. Buying online with a credit card is safer than a debit card, because if something goes wrong you may be able to claim a chargeback from your card issuer.
Case study: It took nine months for goods to arrive
Jo Cugley, 26, bought her boyfriend some cooking utensils from de Cuisine.co.uk - Cooking, Entertaining & Dining for his birthday earlier this year. It took nine months for the goods to arrive.
She says: “I had to call and e-mail hundreds of times, and eventually threaten the site with legal action before the goods were finally sent. Unfortunately, I paid the £25 on my debit card so I was unable to claim back the cost from the bank.”
Ms Cugley, a wine buyer from West Sussex, found decuisine through Google after searching for kitchen gadgets. However, the site is littered with spelling errors, such as “Childrens Birthday Party’s”, and while the payments page displays a Thawte security logo, this is only a Jpeg that can be cut and pasted. Users should be able to click on the logo to reveal the website’s security credentials, but when you click nothing happens.
If Ms Cugley had googled “problems with de cuisine” before she had made the purchase she would have found complaints about the site on consumer forums from people waiting months for their goods.
Decuisine did not respond to Times Money’s e-mails or calls.
How to shop safely
Be wary of any unfamiliar retailer, especially those claiming to sell bargains.
Pay using a credit card, not a debit card. Remember, security logos such as PayPal may be fake.
Before you buy, see if other customers have had problems by searching for the site on consumer forums such as Moneysavingexpert.com.
Never click on a link from an unsolicited e-mail.
Always check that the website name is correct in the address bar
