Cybercriminals are working to capitalize on consumer trust by setting up fake domains. They trick users with seemingly small, plausible offers to appear authentic, ramping up this activity around key shopping seasons.
Sophisticated Phishing Campaign
Researchers at PreCrime Labs, the research division of BforeAI, identified a total of 1,330 domains between mid August and late September 2025. Of these, 1,213 domains posed as one of 23 examined luxury brands. The targeted brands include Gucci, Prada, Louis Vuitton, Rolex, Chanel, Dior, Versace, and Dolce & Gabbana.
Some of these fraudulent domains use "boutique" and "outlet" variations in their names, attempting to appear legitimate or to entice consumers with fake discounts.
According to the researchers, the domains were all registered shortly before the high peak holiday season and were not linked to any legitimate company names or emails. While many sites are currently inactive, BforeAI’s PreCrime predictive security platform flagged several as likely to go live during the busy holiday shopping period.
The team noted the probable presence of a coordinated operator or reseller network running the campaigns, as certain email addresses, such as "murphywuonline@gmail[.]com," were found across multiple domains.
Spike in Registrations
Researchers also noted an uptick in threat actors capitalizing on trending news, particularly current geopolitical events such as tariffs. In late September, a total of 800 suspicious domains were registered, accounting for 67% of all domains in the dataset. The largest spike occurred on September 11, 2025, which researchers link to upcoming high traffic shopping events like Diwali, Hanukkah, and Christmas celebrations.
Most of these domains remain parked or inactive, meaning they are likely being held for future use. In these cases, domains are typically activated around major promotional events like Black Friday and other holiday sales. This short lived cycle allows the attackers to maximize their exploitation of brand recognition.
Researchers observed that luxury brands tailored for an in store experience were typically less likely to be targeted, such as Van Cleef and Tag Heuer, which had less than 10 identified domains.
The surge in fake domain registrations also coincides with US trade tariffs. Numerous Chinese sites were seen using "factory outlet" keywords to pose as legitimate outlets selling heavily discounted luxury items.
To avoid reputational and financial damages, retailers are advised to prevent domain abuse by proactively registering high risk brand variants, monitoring brand abuse, and educating customers on safe purchase practices.
Found this article interesting? Follow us on X(Twitter) ,Threads and FaceBook to read more exclusive content we post.
