Looks too good to be true? Then it probably is
It's a story that plays out again and again, all around the world. A consumer sees some great shoes or designer clothes in a webshop and places an order. Weeks later, nothing has turned up... or the goods that arrive are crude fakes from China. Sadly, it can even happen with shops in the .nl domain.
We don't know how many fake webshops there are, but we're building a clearer picture all the time. Many of them run under domain names that used to belong to other organisations. Usually, the shop pops up straight after the domain name has been registered, and often it's taken down not much later. But the crooks may keep repeating the scam, using one re-registered name after another.
The logic seems to be that a domain name that's been in use before will feature higher in search results. The strategy is helped by the fact that other genuine sites often still have links to previously used domains. And the more visitors the scammers can attract, the more they can earn.
Interestingly, sham webshops often use domain names that don't match what they're supposed to be selling. So you might get shoes being sold using an address that looks as if it belongs to a housing advice service. Unfortunately, many bargain-hunters are undeterred by such details.
How can you recognise fake webshops?
Fraudulent webshops tend to share certain features. They're often similar in terms of site design, colour scheme and wording. And, as highlighted above, their domain names frequently don't match what they're selling. So, before ordering from an unfamiliar webshop, think about these things:
Does the shop have the logo of an accreditation scheme you recognise, e.g. Thuiswinkel Waarborg? If so, see whether the logo is linked to the website of the accreditation organisation. And whether that organisation lists the webshop you're looking at.
Beware of newly registered domain names. You can see when a domain name was registered by using our Whois to look up the domain.
Is it a secure website, with a URL that begins 'https://’?
Check the trader's Chamber of Commerce trade registration number and VAT number.
Try googling the webshop and/or the domain name to find out what other shoppers think of it.
Be suspicious of sites where the text reads like a machine translation.
Do the prices seem too good to be true? Then they probably are. Don't be fooled!
Is there a chat function? If so, try starting a chat. On a fake site, you'll often get no response. Look for a phone number and try giving the shop a call.
If everything seems to be above board, pay for your basket using a credit card, because then you're covered against fraud. If the shop wants you to pay by money transfer (e.g. Western Union or MoneyGram), watch out: that's not a good sign.
Occasionally, a webshop will ask you to identify yourself by sending a copy of your ID. That's not something that a legitimate shop will normally ask. So the best response is usually to walk away; otherwise you run the risk of your identity being used for other kinds of fraud.
What are we doing about fake webshops?
First and foremost, webshop scams impact on the people tricked out of their money. But they also undermine the .nl domain's strong reputation for security. So we're working hard to stamp out this form of internet crime.
As well as taking reports from the victims of scams, we exchange information and maintain close contact with the LMIO (National Internet Fraud Report Desk), Fraudehelpdesk and others. When an incident is reported to us, we look at the relevant domain name's registration data. If we find that it's false, we can usually cancel the domain name's registration on the grounds that the registrant hasn't met our terms and conditions. And, if the same registrar is often being used for suspect registrations, we'll talk to the registrar about improving security.Finally, our colleagues at SIDN Labs are busy developing systems that can detect fake webshops in the .nl domain soon after they go live. Together, we hope that those strategies will make the .nl domain a less attractive option for cybercrime.