2 min read

Massive Phishing Campaign Targets Major Footwear and Apparel Brands


June 14, 2023

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Massive Phishing Campaign Targets Major Footwear and Apparel Brands

Cybersecurity researchers have uncovered a high-profile phishing campaign, creating over 6,000 counterfeit websites impersonating over 100 popular brands of footwear, apparel, and clothing.

These include world-famous names such as Nike, Puma, Vans, Asics, UGG, Guess, The North Face, Casio, Timberland, Fila, New Balance, Doc Martens, Crocs, Salomon, Skechers, Superdry and Caterpillar.

The fraud prevention platform Bolster discovered the phishing campaign, which has been underway since June 2022. The malicious actors have continually added to their collection of fake websites, averaging 300 new fake sites every month.

"These domains' IP addresses are hosted by two specific internet service providers, Packet Exchange Limited and Global Colocation Limited," reads Bolster's security advisory. "It is worth noting that both providers have a negative reputation for fraud risk."

Notably, the campaign's activity jumped in the first two months of 2023. The fraudsters demonstrate a peculiar pattern in creating these deceptive websites.

They combine the targeted brand name with a city or country name and add a generic top-level domain (TLD), such as ".com." This tactic gives phony websites an aura of authenticity, making it increasingly challenging for unsuspecting victims to recognize the fraud.

These rogue websites are designed to be nearly indistinguishable from the real ones to further increase the illusion of legitimacy. Furthermore, the phishing domains vary in age, from 90 days to 2 years.

"Additionally, most of these domains (almost 1500) are registered with the domain registrar ALIBABA.COM SINGAPORE E-COMMERCE PRIVATE LIMITED," researchers explain. "The age of the domains in this campaign vary, with some being approximately two years old, while a significant number having been registered within the past 90 days."

Older domains, mainly those closer to the two-year mark, are less likely to be flagged and removed. This longevity also bolsters their ranking on Google, making potential victims more likely to trust and visit the sites.

While the exact strategy of this expansive phishing campaign remains unclear, researchers speculate that the cybercriminals either fail to deliver the ordered products or supply counterfeit goods.

Experts have warned that fraudsters could harvest and store any details entered into these deceptive websites. Users should take the following measures to avoid falling prey to elaborate scams:

  • Confirm the original brand's domain
  • Avoid accessing websites with suspicious domain names
  • Verify the legitimacy of the domain, especially if you stumble upon "too-good-to-be-true" offers

Using specialized software like Bitdefender Ultimate Security can protect you against phishing scams and other digital threats with its extensive library of features, which includes:

  • 24/7, comprehensive monitoring and protection against viruses, worms, Trojans, spyware, rootkits, ransomware, zero-day exploits, and other e-threats
  • Anti-phishing module that identifies and blocks websites that pose as legitimate ones, preventing you from handing out your data, credentials, or funds to threat actors
  • Web attack prevention technology that blocks known infected links and scans your search results for harmful content before you access them
  • Network threat prevention module that identifies and blocks suspicious network-level activities such as brute-force attacks, sophisticated exploits, and malware- and botnet-related URLs




Vlad's love for technology and writing created rich soil for his interest in cybersecurity to sprout into a full-on passion. Before becoming a Security Analyst, he covered tech and security topics.

View all posts

You might also like