Solved My sister got scammed today by a fake cake delivery website

[brambedkar59]

Today is my nephew's birthday so my sister decided to order cake online. She ordered from Cake Delivery Online | 15% OFF | 3 Hrs Delivery which turned out to be a fake scam website designed to take money from innocent victims without delivering anything. I checked their twitter profile and they have been doing same thing for few years now. Their modus operandi is same every time, you order a cake from them, pay for it online, you receive an email confirming order and then after some time you will receive another email saying your order could not be delivered and it will be refunded in 10 business days. Thing is they never do, as confirmed by comments on their twitter posts, where literally every single comment is about them getting scammed. Their website doesn't even have a phone number but only email id, which doesn't reply.

I did file an Abuse report with the domain registrar, but I am not feeling confident if it will do anything. Hope you had a better day.

VirusTotal

VirusTotal

www.virustotal.com

 

[upnorth]

F-Secures shopping feature was very aggressive and showed a real poor rate/reputation, so thumbs up for that.

I did file an Abuse report with the domain registrar, but I am not feeling confident if it will do anything.

If you haven't already, try to also report it to several major AV companies, and also make sure you send along more and deeper details then just the url.

 

[Jonny Quest]

Thanks for letting us know, and in helping to call this scam company out.

 

[Dave Russo]

Wow another example where a lot of top Avs missed this site as being malicious or phishing but webroot did(along with 5 others on that virus total link brambedkar59 posted above

 

[nickstar1]

i have submitted this to malwarebytes staff for blocking. https://forums.malwarebytes.com/topic/306664-scam-website/

 

[silversurfer]

As shown on VT, blocked by Netcraft browser extension on both Firefox and Edge.

 

[Jonny Quest]

As shown on VT, blocked by Netcraft browser extension on both Firefox and Edge.

View attachment 280841

That was a good idea to check it that way, F-Secure was up to speed as well. Along with @upnorth Trusted Shopping rating.


@silversurfer I do like that Netcraft said it was a Suspected Fake Shop, and not just a generic "you shouldn't surf here", notification. That's a pretty dialed-in warning.

 

[brambedkar59]

F-Secures shopping feature was very aggressive and showed a real poor rate/reputation, so thumbs up for that.


If you haven't already, try to also report it to several major AV companies, and also make sure you send along more and deeper details then just the url.

I did that's how netcraft, webroot and others flagged it. There were zero detection on VT before I reported it.

Update: Domain registrar (Namecheap.com) first said they would investigate it, but next day they emailed me that somehow their client showed them a proof of legal transactions happening on their website, so they closed the matter (they asked for a court order from US, which is impossible for me). So that's a dead end.

 

[brambedkar59]

Wow another example where a lot of top Avs missed this site as being malicious or phishing but webroot did(along with 5 others on that virus total link brambedkar59 posted above

It is much harder to get a site blocked for scams like this one, compared to when it has malware or it's faking another well-known site (phishing). For some reason some of the detections are for phishing eg: BrightCloud (Webroot)

 

[Shadowra]

Avira & Eset : blocked
Kaspersky : submit

 

[Jonny Quest]

Avira & Eset : blocked
Kaspersky : submit

I checked on my Kaspersky PC, and you're right, it wasn't blocked, no notification.

 

[Shadowra]

I checked on my Kaspersky PC, and you're right, it wasn't blocked, no notification.

Google Safebrowsing too, i submited too

 

[Kongo]

Also blocked by SafeToOpen.

 

[Shadowra]

Also blocked by SafeToOpen.

Yep I didn't know him, good discovery! (will be tested soon)

 

[brambedkar59]

Few months ago, a famous retired cricketer got scammed by this same website, he made a post on twitter, but I am guessing he never complained to authorities, which is why this site is still up. Only reason sites like these are up for so long without getting blocked (this one is up since Sep 2021) is because no one wants to put in the effort of actually reporting crimes to either authorities or AV companies. Their twitter is literally full of people who got scammed and are still waiting for refund after months.

Edit:2 I realize that many don't even know that reporting websites is even an option.


Edit: Also reported to Dr. Web

 

[Moonhorse]

Sad to hear that she got stolen, hopefully you guys get the cake from somewhere else

Impressive to see MalwareTips gang going hard on these sites, hopefully we can get many antivirus vendors flagging their site and if the best happens whole site gets flagged down

 

[brambedkar59]

Sad to hear that she got stolen, hopefully you guys get the cake from somewhere else

My brother & his family live pretty far away us, so my sis wanted to send a cake. Well, that didn't work out He eventually did got a cake for my nephew from local shop there.

Impressive to see MalwareTips gang going hard on these sites, hopefully we can get many antivirus vendors flagging their site and if the best happens whole site gets flagged down

MT gang rocks

 

[SeriousHoax]

Kaspersky : submit

Kaspersky doesn't block fake shopping sites.

Few months ago, a famous retired cricketer got scammed by this same website, he made a post on twitter, but I am guessing he never complained to authorities, which is why this site is still up. Only reason sites like these are up for so long without getting blocked (this one is up since Sep 2021) is because no one wants to put in the effort of actually reporting crimes to either authorities or AV companies. Their twitter is literally full of people who got scammed and are still waiting for refund after months.

Edit:2 I realize that many don't even know that reporting websites is even an option.

Edit: Also reported to Dr. Web

The site looks very legit (at least to my untrained eyes). No wonder many people have fallen for it. It's tricky to identify a scam like this.

 

[SeriousHoax]

I knew but silly me forgot that Bitdefender's Phishing detections are often not shown on VT. But since there was no detection on VT at all when @brambedkar59 initially scanned, I think it got added to BD's blacklist after he sent to multiple vendors. Also blocked by McAfee.

 

[brambedkar59]

I knew but silly me forgot that Bitdefender's Phishing detections are often not shown on VT. But since there was no detection on VT at all when @brambedkar59 initially scanned, I think it got added to BD's blacklist after he sent to multiple vendors. Also blocked by McAfee.
View attachment 280847

Yup, TrafficLight is detecting it.

Who knew my own thread would one day will help me.

Guide | How To - How anyone can destroy a scam website in minutes

In this video I will be showing you how just by yourself, you are able to utterly DESTROY a phishing or scam website by reporting it to a whole bunch of antivirus and cybersecurity companies. If you get into a good rhythm, you can easily report it to all of them in just a couple of minutes. And...

malwaretips.com

Edit: Submitted to AVG & Emsisoft