Alexander's Blog

Sharing knowledge with the global IT community since November 1, 2004

An Anatomy of a Suspicious Website


A friend of mine contacted me the other day and said that there is a website that has an awesome deal, but it seems just too good to be true. My friend wanted me to look at the website britaxi.com and give my opinion. When I looked at the site, I immediately noticed several things that made me suspicious, which I will discuss in more detail in this article.

In general, any website that’s fake or suspicious can be very dangerous and can cause serious financial harm, identity theft, and a host of other issues that can affect your privacy and security. The code behind these websites is invisible to you so once you move your mouse over any page, or press a key, it could be too late. Your computer may have already been infected. The best thing is to stay away from these sites.

Let me share what I discovered when I took a closer look at the website my friend gave me. I discovered that the same company/owner runs seven different websites. I will use britaxi.com as an example in this article because, in my opinion, this site has several issues that are helpful in making my points.

Anatomy of a Suspicious Website

  1. Look at the footer and notice who owns the copyrights to the website britaxi.com. The same company name appears on several websites, which I will discuss in more detail later.
    Copyright notice
  2. The name of the website britaxi doesn’t seem to have any association with the name of the company that owns the copyright, which is unusual.
  3. The text on this website is written in broken English and is full of typos, errors, and some strange things. Frankly, there are too many errors to even list. This is often a telltale sign that the website is not a legitimate business website.
  4. Here’s the company’s About Us page. A professional website that claims to be a “leading trading company” that offers “high-quality merchandise” and “Free Shipping to over 120 major countries” does not look like this. I am not sure what they are trading. To me it looks like an eCommerce site selling goods. Even if English is not their first language, a “leading” professional business will hire a company or a person who can proofread the content before publishing it on the Internet, to avoid embarrassment.
    About us page
  5. This website is only available in the English language, so the target audience for this site is definitely English-speaking countries (with one exception). The website wants to sell mainly to the US, Canada, Australia, and Europe. Indonesia is the one exception. How do I know this? Click the Setting link at the top of the site, which normally would be called Settings. Notice English is the only language that you can select on this site. The currency abbreviations list six options: United States dollar (USD), European Union currency euro (EUR), British pound sterling (GBP), Canadian dollar (CAD), Australian dollar (AUD), and the Indonesian rupiah (IDR).
    Setting link on the site
  6. If you do an Internet search on the company’s name listed in the copyright notice in the footer, you will discover that it owns several sites with almost identical content: britaxi.com, veoime.com, besbete.com, simaiuse.com, cosatfore.com, maxxcosi.com, and kerecaz.com. Why have seven different sites when you can sell the same items on one site? Why not buy domain names that sound more legitimate to people in the English-speaking countries? And why not purchase a domain name that matches the business name to establish trust with your customers?
  7. On the Contact page, the contact email on five of the sites is an Outlook.com address, which is strange for a legitimate international business shipping products to 120+ countries. One of the sites (kerecaz.com) uses a free Gmail address. On the seventh website (veoime.com) you will notice that the person has an email from a Russian domain. Based on her email, she is probably 40 years old and born in 1980, although I am sure this is fake information.
    Contact info for site
  8. All but one of the seven websites lack a Secure Sockets Layer (SSL) certificate. The only site that’s protected with SSL is veoime.com. Any eCommerce website that sells products all over the world can easily afford an SSL certificate.
  9. If you were to sign up (register) on any of the six websites that are not using SSL, your information will not be encrypted. When you purchase anything from one of these six sites, the owner of the site can easily capture your full name, password, credit card number, security code on the credit card, your address, etc. For this reason alone, you should stay away from any website that doesn’t use SSL.
  10. The company that owns these sites most likely operates and ships from China. It uses a Russian email address for communication. The company uses several domains and different email addresses (free Outlook.com, free Gmail.com, and a Russian domain).
  11. Let’s find out more about these websites. We know the websites’ copyright information lists a Chinese corporation. What other information can we use to confirm that these products are shipped from China? Well, there is a Chinese address in Jiajiang county listed on these websites at the bottom of Shipping page. Also, if you look at the Shipping & Returns page you will notice that the delivery days are 5-7 days to Asia, 7-10 days to North America, 10-15 days to Europe, and 14-21 days to Latin America, Caribbean, Africa, and the Middle East. Based on the shipping times, it seems the products are shipped most likely from China.
    Shipping and Returns info
  12. Notice what the above screenshot says about shipping? It advertises free shipping worldwide to over 120 countries on its shipping policy page. Now let’s look at the footer of each page. It says it’s free shipping on orders over $50. So, which one is true? The shipping policy page doesn’t say anything about a $50 minimum order. This is just another example of how carelessly and poorly these websites were designed by the web designer.
    Free shipping
  13. This next one is pretty funny. One of the seven websites owned by the company is kerecaz.com, which is a known fake online store. At the bottom of each page in the footer there is a Follow Us section.
    Lorem ipsum
    The site owner or webmaster forgot to remove the Lorem Ipsum text in the Follow Us section. According to Wikipedia, “In publishing and graphic design, Lorem ipsum is a placeholder text commonly used to demonstrate the visual form of a document or a typeface without relying on meaningful content.” This online store does not use SSL to secure the credit card and other personal information that belongs to the online shoppers, which is highly unusual for any international business. The Lorem Ipsum text also proves that this is not a professional website by any means. If the webmaster had read the text, they would have seen that it says “a search for lorem ipsum will uncover many web sites still in their infancy.” Again, this is more proof that these websites were not designed by professional web developers. Before a site is published to the Internet, a professional webmaster would make sure there is no Lorem Ipsum text left on it, to avoid embarrassment.
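
Several of the checks above (items 1-2, 7, 8-9 and 13) can be run mechanically against a saved copy of a page. The sketch below is an added example, not code from this article's author; the function names, flag labels, sample host and company name are assumptions, and the TLS check looks only at the URL scheme.

```python
import re
from html import unescape
from urllib.parse import urlparse

FREE_MAIL = {"outlook.com", "gmail.com"}  # free providers named in the article

def squash(s):
    """Lowercase and drop everything but letters and digits, for loose name matching."""
    return re.sub(r"[^a-z0-9]", "", s.lower())

def triage(url, page):
    """Return the checklist red flags found in one saved page (URL + raw HTML)."""
    flags = []
    parts = urlparse(url)
    site = re.sub(r"^www\.", "", (parts.hostname or "").lower())
    text = unescape(re.sub(r"<[^>]+>", " ", page))  # crude tag strip, fine for triage

    # Items 8-9: the page is served without TLS
    if parts.scheme != "https":
        flags.append("no-tls")
    # Item 13: placeholder text left in the template
    if re.search(r"lorem\s+ipsum", text, re.I):
        flags.append("lorem-ipsum")
    # Item 7: contact address on free webmail or on an unrelated domain
    domains = {d.lower() for d in re.findall(r"[\w.+-]+@([\w-]+(?:\.[\w-]+)+)", text)}
    for d in sorted(domains):
        if d in FREE_MAIL:
            flags.append(f"free-webmail:{d}")
        elif d != site:
            flags.append(f"off-domain-email:{d}")
    # Items 1-2: copyright holder shares nothing with the domain name
    m = re.search(r"(?:copyright|©)\W*(?:\d{4})?\s*(.+?)(?:all rights reserved|$)",
                  text, re.I | re.M)
    if m and squash(site.split(".")[0]) not in squash(m.group(1)):
        flags.append("copyright-name-mismatch")
    return flags

# Constructed sample input; the host and company name are placeholders.
SAMPLE_URL = "http://shop-example.test/contact"
SAMPLE_PAGE = """<html><body>
<p>Contact us: sales.team@outlook.com</p>
<div class="footer"><h4>Follow Us</h4><p>Lorem ipsum dolor sit amet</p>
<p>Copyright &copy; 2020 Placeholder Trading Co., Ltd. All rights reserved.</p></div>
</body></html>"""

if __name__ == "__main__":
    print(triage(SAMPLE_URL, SAMPLE_PAGE))
```

Flags from this kind of triage are reasons to look closer, not a verdict; a clean result says nothing about whether the store will ship what it sells.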

I can keep going and document much more, but by now you should have a good idea as to why these are not legitimate websites. Although they don’t appear to contain malicious code, the fact that they are selling products and accepting credit cards on unsecure sites qualifies them as dangerous sites. Therefore, these sites should not be trusted. Frankly, there is no guarantee that you will ever get any products delivered to you from these sites.

Keep in mind that suspicious sites don’t always contain malicious code or malware. They may be simply interested in capturing your credit card data or perhaps interested in accepting your credit card, but not shipping the product. In some cases, they could be selling you stolen goods. Whatever the case may be, these sites are bad news from a privacy and security standpoint and should be avoided.

Thanks for reading my article. If you are interested in IT consulting & training services, please reach out to me. Visit ZubairAlexander.com for information on my professional background.

Copyright © 2020 SeattlePro Enterprises, LLC. All rights reserved.
