Go to top of page

Fake online shopping websites using .com.au domains: SSO Alert Priority Medium

5 November 2013

Several online shopping websites using .com.au domains have been shut down after it was discovered that they were scams.

With Christmas approaching you need to be cautious about the sites you use for online shopping.

There are often scam sites online pretending to sell items such as smartphones, however recently there has been a growing number of complaints made against sites with .com.au addresses.

Warnings to consumers have been issued from a number of government agencies, including from Victoria's Consumer Affairs and the Western Australian Department of Commerce about the increase in scam sites using .com.au addresses.

The scam sites employ a number of techniques to try and appear more legitimate—such as listing an ABN (Australian Business Number)—however these are often taken from other legitimate companies.

The scam websites can be difficult to identify, and may seem professionally developed. Unfortunately, after ordering and paying for your purchase, the item will not be delivered.

Given the usual delay to shipping items purchased online, it can take time to even realise you have been scammed. It can also be extremely difficult to recover lost money, which can run into thousands of dollars.

How to spot a scam website

One of the tell-tale signs of the recent scam sites taken down was the use of direct money transfers, rather than credit cards, to pay for goods. While direct money transfers are used on other websites such as eBay, it is less common for legitimate businesses to use this form of payment. It should not be the only method available. A direct money transfer makes it easier for scammers to move money quickly, while also removing some of the protections that other forms of payment, such as credit cards, give consumers.

One of the main differences between .com.au domains and others, like .com domains, is that the owner of a .com.au domain must be a registered Australian business. This helps to make it more difficult for scammers to obtain .com.au domain names, because the registration process requires a valid ABN. Some scammers have been able to circumvent this by stealing other companies' ABNs.

You can check the business's registration on ASIC’s search page.

Other give away signs include; a poor quality website, broken links and blurry images, spelling and grammar errors and heavily discounted prices—particularly for high-end products such as smartphones, cameras and tablets.

A legitimate website offering payment services should also use Secure Socket Layer (SSL) on pages where personal information or financial activity is transacted. You can check for this by looking for the ‘https:’ prefix at the start of the webpage address, and a small lock icon in the status bar of the browser.

You can also check address and contact details provided by the website, either with Google maps or other directories.

By shopping with reputable brands and websites you know and trust, you will minimise your risk to online scams.

More information

Stay Smart Online has more information on protecting yourself against scams.

If you think you have found a scam, you can report it to SCAMwatch or contact the ACCC on 1300 795 995.

The information provided here is of a general nature. Everyone's circumstances are different. If you require specific advice you should contact your local technical support provider.

Feedback

Thank you to those subscribers who have provided feedback to our Alerts and Newsletters. We are very interested in your feedback and where possible take on board your suggestions or requests.

Disclaimer

This information has been prepared by Enex TestLab for the Department of Communications ('the Department'). It was accurate and up to date at the time of publishing.

This information is general information only and is intended for use by private individuals and small to medium sized businesses. If you are concerned about a specific cyber security issue you should seek professional advice.

The Commonwealth, Enex TestLab, and all other persons associated with this advisory accept no liability for any damage, loss or expense incurred as a result of the provision of this information, whether by way of negligence or otherwise.

Nothing in this information (including the listing of a person or organisation or links to other web sites) should be taken as an endorsement of a particular product or service.

Please note that third party views or recommendations included in this information do not reflect the views of the Commonwealth, or indicate its commitment to a particular course of action. The Commonwealth also cannot verify the accuracy of any third party material included in this information.

CONTACT US

Facebook: www.facebook.com/staysmartonline
Email: staysmartonline [at] communications.gov.au
Web: www.staysmartonline.gov.au
You are receiving this message at the address [Email].
Update your profile preferences
If you no longer wish to receive this information, you can unsubscribe.

© 2013 Australian Government. All rights reserved