Takedown of Cloned Websites
After completing an investigation on behalf of a legal client, we have successfully taken down two websites that mimic their customers ecommerce business website in the clothing sector. Increasingly, this is happening to small and medium sized websites, as criminals are aware that in order for them to be shut down, the victim requires both time and technical knowledge - both limited resources in SME’s.
In this case, the client website had effectively been cloned (extensively copied with all images and links working) and represented on two other domains. Once these copied sites were indexed by Google, customers expressed concern as to which site was the legitimate store, and which was a criminal website designed to acquire credit card details. The problem was compounded by Google, who actually listed the criminal websites higher in its rankings than the legitimate store.
After several complaints by customers that they had entered their credit cards at the fake site checkout, and then later become aware that the same cards were being used fraudulently, the legitimate business decided to protect their brand and aim to have the sites removed via their legal representative.
Fortunately, the client site had trademarked their logo, and any unauthorised usage of that logo was considered unlawful. This infringement was the key to removing the criminal websites. Once we had found out ‘where’ the website was hosted (or stored), it was possible to approach the hosting company and request removal of the offending sites by highlighting the use of a trademarked logo. This worked for one cloned site, but not for a second, where the site was hosted on the criminals own network.
In this case, we made the same removal request to the domain registrar - highlighting the usage of trademarked assets. They, in turn, removed the usage of the domain name by the criminals, effectively rendering the site useless.
Whilst other cloned sites will occasionally appear, an active and firm response will discourage the same criminal groups from copying the same brand in the future, preferring to move on to an easier victim.
Based on the network traffic within the cloned websites, we believe this was part of a much larger network of criminal site cloning activities that had the intention of acquiring active credit card details.