Fraudulent e-commerce site proves hard to close

Summary: A convincing e-commerce site is still up six weeks after the discovery that it is fraudulently using fake security certificates and the details of another, legitimate, Web site.

A Web site that purportedly offers cheap mobile phones is still online more than six weeks after efforts began to close it down for what is believed to be fraudulent activity.

The site, unlockedPhones-UK.com, has been discovered to be displaying fake security certificates from security companies VeriSign and TRUSTe, and is using the address of an unconnected legitimate UK mobile phone company called mPhone Ltd. UnlockedPhones-uk.com is not registered as a UK company.

MPhone said it had been aware of the fake Web site for a month and a half, but despite reporting it to the Metropolitan Police -- who said that the FBI would be informed -- and Yahoo, the company hosting the site on its $8.95 a month Premium Geocities services, it had been unable to either get the site taken down or to get in contact with the registered owner. "All the authorities are trying to track them down, and we are working very hard on it," said a source within mPhone. "We're getting so many phone calls it's not funny."

The fake site uses a succession of tricks to disguise its lack of authenticity. Clicking on the VeriSign seal brings up what appears to be a valid certificate, registered to the non-existent company and seemingly produced by VeriSign's own computers. However, the certificate is generated by the fraudulent site itself, and the credit card checkout system is hosted on a different site with a valid certificate. Also, the Web site asks for credit card orders to be accompanied by a fax of both sides of the card.

Emails to the contact address went unanswered on Monday, and the Californian address and phone number of the registered domain administrator R. B. Nail apparently are not valid.

"They've basically ripped off our site seal and hosted it on their Web site. In normal circumstances, if they were hosting the checkout on the same site, they'd get a security error, but they're hosting it on another," said John Kerr of VeriSign UK. "Users should double-click on the yellow padlock icon on the bottom right of their browser screen when they're in the checkout, and make sure the name displayed there matches the company you're buying from."

Public speculation over the authenticity of the site began in an online forum when some potential buyers questioned whether the prices were too good to be true. Suspicion was heightened when it was discovered that the gold VeriSign seal, which e-commerce sites display to assure buyers that they have been issued a VeriSign Secure Server ID and which should give some measure of the authenticity of the site, is hosted on unlockedPhones-UK.com's own Web site. When a VeriSign seal is clicked on, it should open up a window displaying the URL: https://digitalid.verisign.com. On unlockedPhones-UK.com, the page displayed by the fake VeriSign seal is made to look as though it is hosted on VeriSign's servers. The fake TRUSTe certificate, which would be hosted on that company's site if it were genuine, is also hosted on unlockedPhones-UK.com's site.
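The seal check described above can be run over a saved copy of a shop page. This is an added example, not part of the original article: the sample HTML and the hosts shop.example and pay.example are constructed, and only the digitalid.verisign.com host comes from the article.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlparse

# Seal keyword -> host its verification page must open on (host from the article).
EXPECTED_SEAL_HOSTS = {"verisign": "digitalid.verisign.com"}

class _Collector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.seal_links, self.forms, self._href = [], [], None

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "a":
            self._href = a.get("href") or ""
        elif tag == "img" and self._href is not None:
            # Image inside a link: remember where the click goes and what it shows.
            label = f"{a.get('src') or ''} {a.get('alt') or ''}".lower()
            self.seal_links.append((self._href, label))
        elif tag == "form":
            self.forms.append(a.get("action") or "")

    def handle_endtag(self, tag):
        if tag == "a":
            self._href = None

def audit_page(page_url, html, expected=EXPECTED_SEAL_HOSTS):
    """Return findings for seals verified off-issuer and for cross-host forms."""
    page_host = urlparse(page_url).hostname
    c = _Collector()
    c.feed(html)
    findings = []
    for href, label in c.seal_links:
        target = urlparse(urljoin(page_url, href))  # resolve relative links
        for keyword, host in expected.items():
            if keyword in label and (target.scheme != "https" or target.hostname != host):
                findings.append(f"{keyword} seal opens {target.hostname}, expected {host}")
    # Legitimate shops also use off-site checkouts; listed so the certificate name there is checked.
    for action in c.forms:
        host = urlparse(urljoin(page_url, action)).hostname
        if host != page_host:
            findings.append(f"form posts to {host}, page is {page_host}")
    return findings

# Constructed sample pages (hypothetical hosts shop.example and pay.example).
FAKE = ('<a href="/seal/verify.html"><img src="/img/verisign.gif" alt="VeriSign Secured"></a>'
        '<form action="https://pay.example/order"></form>')
GENUINE = ('<a href="https://digitalid.verisign.com/"><img src="/img/verisign.gif" alt="VeriSign"></a>'
           '<form action="/checkout"></form>')

if __name__ == "__main__":
    print(audit_page("https://shop.example/", FAKE), audit_page("https://shop.example/", GENUINE))
```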

Rupert Goodwins


Talkback

3 comments
  • "Yahoo, the company hosting the site on its $8.95 a month Premium Geocities services, it had been unable to either get the site taken down or to get in contact with the registered owner" I don't understand. If Yahoo hosts the site and they know the owners are ripping people off, why can't they simply pull the plug?
    anonymous
  • On the 2nd Jan 2004 I searched for sim free mobile phones and came up with this site. I sent them an email about a Nokia that had a price that seemed too good to be true and didn't get a reply so I searched for a phone no. and when I couldn't find one I became suspicious and searched for other details of the co. Thank goodness for your site warning people.
    Surely a month after your article the site should have been closed down. I hope others have been as cautious as me and haven't sent off money for no goods in return.
    anonymous
  • There is another site, with a very similar address to the site you have talked about, www.unlocked-phones.com, which also has cheap phones. I think it must be a fraud, and does anyone know for sure, or have I just got this all wrong? Can someone please reply to this, thanks.
    anonymous