Working together to counter fake online shops

Fraudsters are using .ch domain names for scams where customers are lured in by brand-name products and then ripped off. SWITCH is working with the Swiss authorities to nip these frauds in the bud as early as possible.

Text: Séverine Jagmetti, published on 28.08.2017

These professional-looking online shops usually sell trainers or other accessories from big-name brands at unbeatable prices. Multiple dangers await buyers on these sites: they give criminal organisations access to their credit card details and email and postal addresses, and receive fake products – or none at all – in return.

SWITCH supports the authorities

When the Federal Office of Police (fedpol) or another authority such as the Federal Gaming Board (FGB), the State Secretariat for Economic Affairs (SECO) or Swissmedic encounters a dubious website, it often turns to SWITCH. It’s usually impossible to contact the domain name owner, as they have registered using a false or foreign address, and taking action against a website operator abroad requires a very time-consuming legal process.

If an authority suspects cybercrime and turns to SWITCH for assistance. The foundation then requests that the owner provide a valid Swiss address within 30 days. This request is fulfilled in less than one percent of cases. If the deadline passes without a response, SWITCH deletes the domain name and the website is no longer accessible.

1. Security features

Legitimate online shops are protected by a secure web connection. When you arrive at the ‘Checkout’ process, at the very latest, you should be able to recognise a legitimate webshop by its security attributes, such as a green lock icon and use of https:// instead of http://. Both security attributes are visible in the address line of your browser.

2. Promises of discounts

Be suspicious of brand-name product offerings with unusually big discounts.

3. Internet address

Have an overall look at the provider: does its name, logo and web address seem credible? If you are unfamiliar with the shop, ask around to see whether other people have had a good experience with it. Fraudsters like to use web addresses of legitimate, albeit defunct, websites. This allows them to exploit the recognition factor and a better Google ranking.

4. Imprint

Switzerland requires websites to include an imprint (Impressum). Websites that offer merchandise, works or services must disclose their identity with a name and contact address. The link to the imprint is usually found at the bottom of a website. Be suspicious if a link, such as in this example, is missing or if the information provided does not seem credible. If in doubt, check the website address with www.nic.ch; this website operated by SWITCH lists the contact address given by the holder of the domain name when it was registered. But beware: this address may be fictitious. Avoid a webshop if this information seems dubious to you.

5. Reporting form

Help us! Always report fraudulent and suspicious websites to the Federal Office of Police (fedpol) by completing the reporting form: https://www.fedpol.admin.ch/fedpol/en/home/kriminalitaet/cybercrime/meldeformular.html

Optimising processes

SWITCH’s security experts have been actively and successfully combating cybercrimes such as phishing scams and malware for years, and we act just as decisively against fraudulent online shops.

In 2016, the Swiss authorities asked SWITCH to request a valid contact address from a domain name owner in a total of 737 cases. There have already been 5,075 cases since the beginning of this year. In order to manage the greatly increased number of requests, SWITCH recently introduced a tool to automate request processing. This enabled us to remove 4,469 fraudulent websites from the internet in August 2017 alone.

.ch is the most secure TLD in Europe

All these measures aim to maintain the trustworthiness and security of .ch domain names and to protect them from abuse. The close cooperation between SWITCH and the authorities in the case of fake online shops represents a further step towards quality maintenance for .ch, the most secure top level domain (TLD) in Europe.

More information

28 August 2017: Media release https://www.switch.ch/news/fake-webshops/

19 May 2017: 30 years of .ch: Europe’s most secure address https://www.switch.ch/en/news/30years-ch

25 January 2016: Publication Security on the Internet: Trends, threats, strategies https://www.switch.ch/en/about/publications/brochures/

Safer Internet initiative https://www.switch.ch/saferinternet/

Ordinance on Internet Domains OID https://www.admin.ch/opc/en/classified-compilation/20141744/index.html

Fedpol reporting form https://www.fedpol.admin.ch/fedpol/en/home/kriminalitaet/cybercrime/meldeformular.html

SWITCH-CERT – a leading national centre of expertise

SWITCH has been working hard to make the Internet a safer place for more than 20 years and is one of the leading Swiss organisations for local threat intelligence, detection and incident response. SWITCH-CERT sets itself apart in a number of ways:

local threat intelligence and detection based on monitoring, malware analysis and correlation from a variety of sources
a track record stretching back some ten years as CERT for a number of Swiss banks
extensive experience in managing and moderating trusted communities at the highest level of trust
a national and international network of partnerships and CERT communities built up systematically over 20 years and actively nurtured
its own data network for the Swiss academic community with around 400,000 users as a basis for monitoring
a unique combination of CERT and ccTLD registry

Working together to counter fake online shops

SWITCH supports the authorities

1. Security features

2. Promises of discounts

3. Internet address

4. Imprint

5. Reporting form

Optimising processes

.ch is the most secure TLD in Europe

More information

28 August 2017: Media release https://www.switch.ch/news/fake-webshops/

19 May 2017: 30 years of .ch: Europe’s most secure address https://www.switch.ch/en/news/30years-ch

25 January 2016: Publication Security on the Internet: Trends, threats, strategies https://www.switch.ch/en/about/publications/brochures/

Safer Internet initiative https://www.switch.ch/saferinternet/

Ordinance on Internet Domains OID https://www.admin.ch/opc/en/classified-compilation/20141744/index.html

Fedpol reporting form https://www.fedpol.admin.ch/fedpol/en/home/kriminalitaet/cybercrime/meldeformular.html

SWITCH-CERT – a leading national centre of expertise

Tags

Other articles

Working together to counter fake online shops

SWITCH supports the authorities

1. Security features

2. Promises of discounts

3. Internet address

4. Imprint

5. Reporting form

Optimising processes

.ch is the most secure TLD in Europe

More information

28 August 2017: Media release https://www.switch.ch/news/fake-webshops/

19 May 2017: 30 years of .ch: Europe’s most secure address https://www.switch.ch/en/news/30years-ch

25 January 2016: Publication Security on the Internet: Trends, threats, strategies https://www.switch.ch/en/about/publications/brochures/

Safer Internet initiative https://www.switch.ch/saferinternet/

Ordinance on Internet Domains OID https://www.admin.ch/opc/en/classified-compilation/20141744/index.html

Fedpol reporting form https://www.fedpol.admin.ch/fedpol/en/home/kriminalitaet/cybercrime/meldeformular.html

SWITCH-CERT – a leading national centre of expertise

Tags

Other articles

Community, Corporate, Innovation

Who will be the Digital Hero of the Year?

Trust & Identity, Security

SWITCH edu-ID: Into a future without passwords

Community, Security

The human factor – of powerlessness and insanity