Growing online wine scams during COVID-19

The COVID-19 outbreak led to many wine businesses taking their products online to maintain their sales even during lockdowns and restrictions. However, the cyber criminals have taken advantage of this growing trend to scam people using fraudulent websites. According to a report published by the US-based group Recorded Future in partnership with Area 1 Security, wine-related ‘phishing emails’ have grown significantly during the pandemic.

Between April 2020 and March 2021, the authors recorded a significant growth in wine-themed website domain registrations, having terms like Wine, Vino, Chardonnay, Pinot, Champagne, Bordeaux and Merlot. 3,000 to 4,000 new registrations were recorded each month till March 2020 and almost 5,500 in March 2020.

Source: Recorded Future

The monthly domain registrations were continuously increasing and peaked in May 2020 with 12,400 registrations. From June 2020 to March 2021, the new wine-themed domain registrations varied between 7,000 and 9,500 each month, which is 2 to 3 times more than the number of registrations before COVID-19. Overall, 96,489 wine-related domains were registered between April 2020 and March 2021 with the wine terms mentioned above.

However, it seems like it took the cyber criminals some time to catch up on this trend with an idea to use such domains to scam people. The number of malicious wine-themed domains were growing at the rate of 3-5% till May 2020 and then increased to 7%. According to Allan Liska, a security architect at Recorded Future, most of the malicious activities were related to spam campaigns. They were designed to get the users to buy fishy wine products or click on websites for online advertisement revenue intentions. 74.71% of the spam email campaigns fell under this SPAM category.

Source: Recorded Future

However, some of them were more serious criminal activities with 13.5% of these containing malicious content (links or files). 11.74% were Type 1 Business Email Compromise phishing emails which tried to bluff the victim into believing that the email had been sent by someone they knew. 0.03% of the emails were Type 3 and Type 4 Business Email Compromise phishing which can result in a critical amount of business and data losses. These emails can trick the victims into transferring funds to the criminal under the pretence of a business transaction or to attract data to be sold on underground forums known as the Dark Web.

The emails can be an effortless one saying that you need to pay this invoice for the wine your boss ordered or a bit more intricate pretending like it is from the CEO or any such senior management. Such emails generally target businesses, however, the individual wine buyers who do not have a professional email filter like companies do, are equally at risk.

According to Sandy Otto, Acting Commissioner at Northern Territory Consumer Affairs, scammers are stealing authentic ABNs to register domain names and set up websites. They usually are well-presented, making it look like a reputable website. So, the best way to prevent being scammed is to check the domain name, email address and content carefully and make sure you recognise it before clicking on any link or providing personal information. If you feel suspicious about a website or email, you can refer to Scamwatch, which is a website by the Australian Competition and Consumer Commission (ACCC) to inform consumers how to recognise and report scams.