7 Steps Fraudsters Take to Use Web Scraping to Sell Counterfeit Goods

Fake Websites – How Fraudsters Use Web Scraping to Profit

1. Create Custom Bots

Fraudsters create their own stealthy scraper bots to look like good bots such as search crawlers, or hide behind residential proxy networks and highly customized DevTools to evade detection.

2. Scrape Website

Scraping bots automate the extraction of HTML, information stored within databases, and data from APIs. Scraping provides the foundation for replicating the website elsewhere.

3. Spoof Domain

A fake URL that looks as  similar as possible to the legitimate domain name is registered along with valid TLS certificates for encryption.

4. Launch Fake Website

The attacker uses the scraped content and spoofed domain to launch a website that’s nearly indistinguishable from the actual one. The real website’s search ranking often tanks due to duplicate content.

5. Get Website Traffic

A variety of techniques direct  unsuspecting users to the fake website. For example, online digital advertising, social media posts, and spear phishing emails.

6. Generate Profits

Counterfeit goods are sold at deep  discounts. Credentials are stolen using skimmers to resell and perform account takeover (ATO). Malware is injected to conduct click-fraud and other acts of malintent.

7. Add Insult To Injury

The damage is costly for businesses, but not for the fraudster. Customers request refunds for counterfeit or unfulfilled  purchases, fraudulent claims and chargebacks escalate, customer complaints spike, and brands are tarnished.