Solved My sister got scammed today by a fake cake delivery website

Status
Not open for further replies.

brambedkar59

Level 30
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
1,902
Today is my nephew's birthday so my sister decided to order cake online. She ordered from Cake Delivery Online | 15% OFF | 3 Hrs Delivery which turned out to be a fake scam website designed to take money from innocent victims without delivering anything. I checked their twitter profile and they have been doing same thing for few years now. Their modus operandi is same every time, you order a cake from them, pay for it online, you receive an email confirming order and then after some time you will receive another email saying your order could not be delivered and it will be refunded in 10 business days. Thing is they never do, as confirmed by comments on their twitter posts, where literally every single comment is about them getting scammed. Their website doesn't even have a phone number but only email id, which doesn't reply.

I did file an Abuse report with the domain registrar, but I am not feeling confident if it will do anything. Hope you had a better day.

 
Last edited by a moderator:

upnorth

Moderator
Verified
Staff Member
Malware Hunter
Well-known
Jul 27, 2015
5,458
F-Secures shopping feature was very aggressive and showed a real poor rate/reputation, so thumbs up for that.

I did file an Abuse report with the domain registrar, but I am not feeling confident if it will do anything.
If you haven't already, try to also report it to several major AV companies, and also make sure you send along more and deeper details then just the url.
 

silversurfer

Level 85
Verified
Honorary Member
Top Poster
Content Creator
Malware Hunter
Well-known
Aug 17, 2014
10,396
As shown on VT, blocked by Netcraft browser extension on both Firefox and Edge.

NC.png
 

Jonny Quest

Level 17
Verified
Top Poster
Well-known
Mar 2, 2023
811
As shown on VT, blocked by Netcraft browser extension on both Firefox and Edge.

View attachment 280841
That was a good idea to check it that way, F-Secure was up to speed as well. Along with @upnorth Trusted Shopping rating.
2024-01-11_11-10-00.png

@silversurfer I do like that Netcraft said it was a Suspected Fake Shop, and not just a generic "you shouldn't surf here", notification. That's a pretty dialed-in warning.
 
Last edited:

brambedkar59

Level 30
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
1,902
F-Secures shopping feature was very aggressive and showed a real poor rate/reputation, so thumbs up for that.


If you haven't already, try to also report it to several major AV companies, and also make sure you send along more and deeper details then just the url.
I did that's how netcraft, webroot and others flagged it. There were zero detection on VT before I reported it.

Update: Domain registrar (Namecheap.com) first said they would investigate it, but next day they emailed me that somehow their client showed them a proof of legal transactions happening on their website, so they closed the matter (they asked for a court order from US, which is impossible for me). So that's a dead end.
 
Last edited:

brambedkar59

Level 30
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
1,902
Wow another example where a lot of top Avs missed this site as being malicious or phishing but webroot did(along with 5 others on that virus total link brambedkar59 posted above
It is much harder to get a site blocked for scams like this one, compared to when it has malware or it's faking another well-known site (phishing). For some reason some of the detections are for phishing eg: BrightCloud (Webroot)
1704995249292.png
 

brambedkar59

Level 30
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
1,902
Few months ago, a famous retired cricketer got scammed by this same website, he made a post on twitter, but I am guessing he never complained to authorities, which is why this site is still up. Only reason sites like these are up for so long without getting blocked (this one is up since Sep 2021) is because no one wants to put in the effort of actually reporting crimes to either authorities or AV companies. Their twitter is literally full of people who got scammed and are still waiting for refund after months.

Edit:2 I realize that many don't even know that reporting websites is even an option.


Edit: Also reported to Dr. Web
 
Last edited by a moderator:

Moonhorse

Level 37
Verified
Top Poster
Content Creator
Well-known
May 29, 2018
2,610
Sad to hear that she got stolen, hopefully you guys get the cake from somewhere else

Impressive to see MalwareTips gang going hard on these sites, hopefully we can get many antivirus vendors flagging their site and if the best happens whole site gets flagged down😡
 

brambedkar59

Level 30
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
1,902
Sad to hear that she got stolen, hopefully you guys get the cake from somewhere else
My brother & his family live pretty far away us, so my sis wanted to send a cake. Well, that didn't work out 😅 He eventually did got a cake for my nephew from local shop there.
Impressive to see MalwareTips gang going hard on these sites, hopefully we can get many antivirus vendors flagging their site and if the best happens whole site gets flagged down😡
MT gang rocks 😍
 

SeriousHoax

Level 47
Verified
Top Poster
Well-known
Mar 16, 2019
3,668
Kaspersky : submit ;)
Kaspersky doesn't block fake shopping sites.
Few months ago, a famous retired cricketer got scammed by this same website, he made a post on twitter, but I am guessing he never complained to authorities, which is why this site is still up. Only reason sites like these are up for so long without getting blocked (this one is up since Sep 2021) is because no one wants to put in the effort of actually reporting crimes to either authorities or AV companies. Their twitter is literally full of people who got scammed and are still waiting for refund after months.

Edit:2 I realize that many don't even know that reporting websites is even an option.

Edit: Also reported to Dr. Web
The site looks very legit (at least to my untrained eyes). No wonder many people have fallen for it. It's tricky to identify a scam like this.
 
Last edited by a moderator:

brambedkar59

Level 30
Thread author
Verified
Top Poster
Well-known
Apr 16, 2017
1,902
I knew but silly me forgot that Bitdefender's Phishing detections are often not shown on VT. But since there was no detection on VT at all when @brambedkar59 initially scanned, I think it got added to BD's blacklist after he sent to multiple vendors. Also blocked by McAfee.
View attachment 280847
Yup, TrafficLight is detecting it.

Who knew my own thread would one day will help me. 🤣

Edit: Submitted to AVG & Emsisoft
 
Last edited:
Status
Not open for further replies.

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top