When we hear “Fashion Week,” we generally think of clothes, popular or high rising professional designers and of course, runway models. What most of us who aren’t keeping an ear or eye out on the latest collection don’t realize is that Fashion Week doesn’t really happen in just a week for a whole year. It’s more of a week of high fashion on major cities in various countries that is sponsored by industry bigwigs happening at certain months of the year.
Suffice to say that several Fashion Weeks have come and gone since 2014 started: New York, Mercedes-Benz, Berlin, PFDC Sunsilk, and more. As I write this, more runway events have been announced and are already scheduled to happen within the next two to three weeks. Case in point: Miami Fashion Week and Philippines Fashion Week. Expect that such events will continue until the final quarter of this year.
For some individuals, there is more to fashion than just an impressive parade of clothes for every season. There is also that irresistible opportunity to entice Internet users into buying designer clothing, bags, shoes, and accessories inspired by these fashion events.
If you, dear Reader, are looking to score cheap, fashionable and branded items online, it’s highly likely that you may encounter the sites we’ve found these past few days. We have also noted that such sites have increased in number, with most of them carrying the brands Louis Vuitton, Chanel, Gucci, Hermes, and Oakley.
click to enlarge
click to enlarge
What fantasylouisvuitton, guccioutlet, and fashionshop-usa have in common goes beyond not having an easy way for anyone to verify the products they say for authenticity. All these sites redirect to random JS (JavaScript) scripts hosted on js(dot)users(dot)51(dot)la, a site that has been associated with many malicious activities in the past. Google Safe Browsing flags it as “suspicious”, while doing a quick search on the Web reveals more about its history:
- In 2008, our friends at Dynamoo had published an FYI-warning post on its own blog, stating that the individual/s behind this may either be Chinese or Russian.
- In 2013, independent penetration tester Aditya K Sood of Malware at Stake claimed that a JS script hosted on the aforementioned site was used in conjunction with an exploit in a malicious campaign.To be clear, we found no exploit code on fantasylouisvuitton, guccioutlet, ray-banonlinesale or other selling sites we’re going to name later on.
What these JS codes actually do is generate information about visitors of these selling sites, such as the their IP address, time zone, and the type of browser they’re using, and logs them, possibly for statistical purposes.
Sample JS code (click to enlarge)
ScamAdviser gave all three (1) (2) (3) selling sites poor ratings, adding that these websites have been “newly registered with a short life expectancy, which follows the pattern used by many fraudulent and fake selling websites”, so please be very careful when visiting them. These sites also require visitors to give out their personally identifiable information (PII) as part of their registration and selling scheme.
Below are other sites we found that we also think are potentially risky (Please do not attempt to access them):
- www(dot)louisvuittonsell(dot)com
- louisvuittonunique(dot)com
- www(dot)louisvuittonmusthave(dot)com
- www(dot)louisvuittonbrand(dot)com
- www(dot)louisvuittoninc(dot)com
- vipsaclouisvuitton(dot)com
- www(dot)sac-louis-vuitton-sac(dot)com
- www(dot)louis-vuitton(dot)co
- www(dot)louisvuittontosales(dot)com
- louisvuittonireland(dot)viputazas(dot)eu
- www(dot)sacchanelprix(dot)fr
- www(dot)sacschaneln(dot)fr
- www(dot)chanelindiaonline(dot)com
- guccireplica(dot)evenweb(dot)com
- raybanshopsales(dot)com
- ray-banonlinesale(dot)com
- sales-raybanshop(dot)com
- hermesborse(dot)adoptieren(dot)net
Meanwhile, Tumblr users have been inundated with spam posts from users claiming to be students who have put up their own personal fashion site and wishing others to visit it. This is an old Tumblr scam designed to encourage the clicking of adverts, which is often against the Terms of Service (ToS) of many advertising networks and can be seen as a form of click fraud. In this case, scammers specifically looked for those interested in fashion.
The post may look something like either of these:
click to enlarge
click to enlarge
Here’s an example of one such website:
click to enlarge
When it comes to dealing with scams and potentially risky websites, users are always at the losing end. Thus, avoiding such sites, in general, and sticking to visiting legitimate and/or official selling sites of popular brands are best practices to keep in mind.
Jovi Umawing