October 8, 2018
The emails contain the logo and corporate identity of the company Alibaba Group, which owns AliExpress. Email recipients are addressed by name, the senders likely believing that this is bound to make the emails look more legitimate. Doctor Web analysts believe that the fraudsters could have gotten the actual AliExpress customer information from a purchased or stolen database of one of the many cashback services. The emails claim that the user had previously made purchases and left reviews on AliExpress, which is why they are being granted access to a special online store offering numerous discounts and gifts.
The link in the email leads to a website designed to look like an online store, but when trying to purchase any of the goods, the user is redirected to other ecommerce sites, many of which have previously been reported for fraud (e.g., for sending goods that do not match the description, reselling products at inflated prices, or selling low-quality counterfeit copies of popular goods) and are listed in the Dr.Web Parental Control and Office Control databases.
A quick investigation by Doctor Web also showed that the street address indicated on the website of a Moscow online store corresponds to a school building, and the tax number specified belongs to a non-existent company. Moreover, the website provides no information on the terms of delivery, and the contact email address is registered with the free email service provider mail.ru.
Doctor Web experts advise users to take these simple steps before purchasing goods from unfamiliar websites:
- Cross-check the address indicated on the About Us page with an online map, Panoramic Street Images by Yandex, or Google Street View. It is quite possible that instead of an office center or a shopping mall, you will see a school, a parking lot, or a garbage dump.
- Check the tax number on the website to see if the company exists and whether its name matches the owner of the online store. For Russian companies, you can do this online for free, using the page of the Federal Tax Service.
- Make sure that the website describes in detail the payment methods and delivery terms, as well as delivery options and rates.
- Carefully review the contacts on the website. A legitimate company is unlikely to use free email accounts.
#fraud #fraudulent_email #nonrecommended_websites
Tell us what you think
To ask Doctor Web’s site administration about a news item, enter @admin at the beginning of your comment. If your question is for the author of one of the comments, put @ before their names.