The injected scripts are sourced from an external site hosted in China, but which uses the .la country code top-level domain. This ccTLD belongs to the Lao People's Democratic Republic, but is actively marketed as a top-level domain for the US city of Los Angeles. Although the fake store associated with the above screenshot uses a UK ccTLD, it is actually hosted by root S.A. in Luxembourg, and shares the same netblock askim.com and several bittorrent sites, including a mirror of The Pirate Bay, allowing the site to be accessed from countries where ISPs were ordered to implement blocks against the original Pirate Bay site.
Such underhanded methods of search engine optimisation (SEO) are not unusual, and can potentially outperform traditional spam-based marketing. For instance, there is likely to be a much larger conversion rate among customers who are actively searching for a specific product than there would be among recipients of spam, many of whom would have no intention of buying anything, and – thanks to spam filters – may not even receive the spam in the first place. With such low returns on spam-based marketing, a huge number of emails would need to be sent in order to achieve a worthwhile return, which would only serve to draw more – possibly unwanted – attention to a fake site.
Some of the hacked sites which appear on the first page of a Google search for "Mulberry" lend further credibility to the scam, making it appear as though the products for sale have received thousands of reviews and near-perfect ratings. However, clicking on these links causes the user to be redirected to one of the fake stores, such as ajmalseotips.blogspot.com
0 Comments