The Bad Boys of the Internet: How Big Internet Companies are Supporting Scammers

Header

Author: Jorij

May 3, 2021

According to previous research, the number of online scams increased by 40% last year. For 2021 a similar growth rate is expected due to the Corona pandemic. Online scammers are no longer 15-year-old kids who set-up an online store but do not deliver. In the past few years, professional crime syndicates have taken over running scam networks with hundreds of websites supporting investment scams, cryptocurrency schemes, romantic dating plots and subscription hoaxes. These networks often make millions of “sales” monthly at nearly zero costs.

Like in the physical world, every criminal has support. Offline, these are production plants, distribution companies, creative accountants, and lawyers (lots of them). Online, they need to register their domain name, host their websites, preferably in a country that does not prioritize fighting cybercrime.

Scamadviser analyzed 7 million domain names and discovered that some hosting companies, registrars (where you register a domain name), registries (the owners of extensions such as .com, .biz and .store) and countries seem to support scammers much more than others (see “About the Data” at the end of this article for more information).

Bad Registrars

Every scammer needs a domain name to promote his website. You can purchase a website name from a registrar. GoDaddy is one of the most used registrars (and hosting company) worldwide. In the table below you find that 3% of the websites which are registered at GoDaddy have a Trust Score equal or lower than 20 (on a scale from 1 to 100). This percentage is in line with the overall average.

However, this percentage is relatively low compared to other registrars. In the last 90 days, 36,000 websites registered on Alibaba were scanned by Scamadviser.com. Of these, 14.3% are considered dubious. This may be due to the very high number of online stores offering fakes or not delivering products with roots in China. However, American based companies like NameSilo (13.2%) and NameCheap (10.5%) likewise do not score well.

Registrar  Hosted Domains  Low Score Domains  % Low Score Domains
GoDaddy.com 528,752 15,876 3.0%
NameCheap 119,754 12,546 10.5%
PublicDomainRegistry.com 92,461 3,074 3.3%
ENOM 91,405 1,650 1.8%
Network Solutions 82,531 532 0.6%
1&1 IONOS 49,002 483 1.0%
NameSilo 40,710 5,340 13.2%
Alibaba Cloud Computing 35,925 5,139 14.3%
FastDomain 33,624 552 1.6%
GMO INTERNET, INC. 29,825 1,039 3.5%

If we look at registrars with the lowest average Trust Score, mainly registrars with an Asian background pop-up. Some, like Shanghai Meicheng and Alibaba appear several times as they use different company entities.

Registrar Average Score Domains Hosted
shanghai meicheng technology information development 5 511
Shanghai Meicheng Technology Information 13 199
UNITEDKINGDOMDOMAINS 20 41
EIMS (Shenzhen) Culture & Technology 25 37
Shanghai Meicheng Technology Information Development 27 270
Hongkong Domain Name Information Management 28 4,144
EPIK 31 45
Media Elite Holding 31 1,728
ALIBABA.COM SINGAPORE E-COMMERCE 32 7,145
Alibaba Cloud Computing 33 2,422

 

Bad Hosting Companies

Apart from a domain name, each website needs an Internet Service Provider (ISP) to host its website. Based on an analysis of data gathered from mid-January to mid-April 2021, hosting company Cloudflare hosts the most domain names with a Trust Score lower than 20. However, of the largest hosting companies Namecheap performs by far the worst. Of the 47,841 websites analyzed, 8,433 or 17.6% can be considered scammy. Google and GoDaddy on the other hand perform remarkably well with only 1,7% and 2,0% of the websites researched can be considered malicious.

ISP Hosted Domains  Low Score Domains  % Low Score Domains
Cloudflare 326,325 11,905 3.7%
Google 175,561 2,975 1.7%
GoDaddy.com 105,755 2,127 2.0%
OVH 78,024 1,690 2.2%
Amazon Technologies 75,150 3,372 4.5%
Unified Layer 68,850 1,334 2.0%
WebsiteWelcome.com 64,214 1,140 1.8%
DigitalOcean 60,215 1,459 2.4%
Hetzner Online 52,249 1,204 2.3%
Namecheap 48,116 8,456 17.6%
Shopify 45,407 3,802 8.4%

There are hosting companies which perform far worse. However, they do not have the reach of the top players listed above. In the table below, the Internet Service Providers are listed with the lowest average Trust Score for the (minimal 20) domains they host.

ISP Average Score Domains Hosted
Vladimir Filippo 8 38
Coverage Technologies 9 611
GigaHostingServices 9 83
Sunshine Webhost Limited 9 23
XeVPS Hosting 9 61
World Hosting Farm Limited 10 23
Lijun Yang 10 33
DDoS-GUARD Ecuador 10 90
MBOX 13 48
Compevo AP 14 21

 

Bad Registries

The registrar does not own the domain name it sells to a person or company. Registrars are the ‘middleman’ between the user that licenses a website name and the registry. The registry owns the domain name and is in charge of the general administration of a top level domain such as .com, .biz or .store.

Not surprisingly, the most used extensions are .com, .net and .org. What is remarkable is the relatively high misuse of .co (5.4%) and low misuse of .cn (0.36%). The .co extension is often misused by scammers as it gives potential scam victims the impression that it is a legit .com site. The Chinese country’s top level domain seems hardly misused at all, probably as scammers still focus on victims outside of the Chinese market and prefer extensions more “Western” extensions.

Registry Hosted Domains Low Score Domains % Low Score Domains
com 1,832,842 72,243 3.9%
net 135,170 4,317 3.2%
org 105,805 1,753 1.7%
de 82,464 1,552 1.8%
ru 78,952 3,457 4.4%
cn 72,014 190 0.36%
co.uk 58,587 1,839 3.1%
nl 52,255 699 1.3%
it 31,259 467 1.5%
au 30,503 366 1.2%
pl 25,431 392 1.5%
co 25,024 1,342 5.4%

Amongst the less well-known and used domain extensions, the .ltd extension has the lowest average trust score. Other often misused top levels are .store, and .top. The main reason for misuse is their low price. At Namecheap.com (one of the cheaper Registrars) you can get a .ltd for $ 6.98, .top for $ 3.98 and .store for $ 1.88 per year!

Registry  Average Score  Domains Hosted 
ltd 29 2,537
buzz 32 676
uno  36 326
cyou 41 241
icu 43 1,078
casa 44 328
store 47 6,615
top 48 8,270
mosnter 49 182
trade 49 742

 

Bad Countries

Finally, it is interesting to see which countries host the most scammers. Most websites are using a server which is based in the United States. 3.8% of all websites hosted in this country have a Trust Score lower than 20. Slightly about the total average of 3%.

Countries like Hong Kong (8.2%), Senegal (6.0%), Singapore (5.9%) Canada (5.50%) and Russia (5.0%) are hosting the most scammers of the top 10 countries. Each country seems to have its own “specialization”. Where Hong Kong and Singapore are known for online stores selling fakes or not delivering, Senegal offers financial services and Russian scammers are heavily “investing” in cryptocurrency scams.

Country  Hosted Domains  Low Score Domains  % Low Score Domains
United States 1,407,912 53,479 3.8%
Germany 284,184 5,896 2.1%
Great Britain 152,504 2,866 1.9%
Netherlands 145,029 3,375 2.3%
Hong Kong 105,186 8,580 8.2%
Canada 89,868 4,897 5.5%
Russia 79,861 4,014 5.0%
Japan 79,366 2,111 2.7%
France 73,900 1,716 2.3%
Senegal 34,671 2,052 6.0%

If you look at the countries which, on average, have the lowest Trust Scores, some less known nations pop-up. Some of these countries are known for investment and cryptocurrency scams such as Belize, the Seychelles, and Virgin Islands. Uganda is known for advance fee frauds while Ghana is building up a reputation for pet scams. In many cases, these countries may not even really host the scam sites. Their IP address is however being used to hide the real location of the malicious servers.

Country  Average Score  Domains Hosted 
Belize 40 1,636
Ecuador 58 233
Panama 59 416
Hong Kong 61 191,250
Seychelles 64 270
Uganda 64 97
Virgin Islands 65 33,959
Yemen 69 30
Brunei 72 71
Ghana 72 147

 

How to Fix the Internet?

With 3% of all websites having a Trust Score of less than 20 out of 100, cybercriminals have clearly established themselves on the Internet. The big question is: how to fight them?

Cybercrime largely goes unpunished at this moment. Setting up a malicious website is cheap and very quickly to do. More importantly, the chance of getting caught is near to zero if the criminal operates outside his own country.

Of course, the organizations listed in this article are not criminal. However, their Know Your Customer (KYC) processes leave much to be desired. Some hosting providers, registries, and registrars have improved their KYC policies. The Danish .dk registry for example was able to reduce the number of online stores selling fakes with 80% in one year by just asking for an ID.

Unfortunately, forcing hosting providers, registries, and registrars to have more stringent KYC processes seems a lost cause. If there are a few “bad boys” in the market, scammers will just flock to these players.

Scamadviser is therefore betting on warning consumers via anti-virus software and internet filters about websites with low Trust Scores. Via its partners, the company is already reaching 1 billion users.  

About the Data

More than 100.000 consumers check Scamadviser.com every day and Scamadviser adds more than 1 million new websites to its database every month. Since 2012, Scamadviser has been developing an algorithm which gives every domain a Trust Score based on 40 different data sources.

The data analysis is based on 7 million recently scanned domains in Scamadviser’s database and its Trust Score.  A domain with a Trust Score of 100 is very, very likely legit. A domain that scores a 1 is very, very likely a scam. The average Trust Score is 85 with 3% of all sites scoring less than 20.

 

Report a Scam!

Have you fallen for a hoax, bought a fake product? Report the site and warn others!

Help & Info

Popular Stories

As the influence of the internet rises, so does the prevalence of online scams. There are fraudsters making all kinds of claims to trap victims online - from fake investment opportunities to online stores - and the internet allows them to operate from any part of the world with anonymity. The ability to spot online scams is an important skill to have as the virtual world is increasingly becoming a part of every facet of our lives. The below tips will help you identify the signs which can indicate that a website could be a scam. Common Sense: Too Good To Be True When looking for goods online, a great deal can be very enticing. A Gucci bag or a new iPhone for half the price? Who wouldn’t want to grab such a deal? Scammers know this too and try to take advantage of the fact. If an online deal looks too good to be true, think twice and double-check things. The easiest way to do this is to simply check out the same product at competing websites (that you trust). If the difference in prices is huge, it might be better to double-check the rest of the website. Check Out the Social Media Links Social media is a core part of ecommerce businesses these days and consumers often expect online shops to have a social media presence. Scammers know this and often insert logos of social media sites on their websites. Scratching beneath the surface often reveals this fu

So the worst has come to pass - you realise you parted with your money too fast, and the site you used was a scam - what now? Well first of all, don’t despair!! If you think you have been scammed, the first port of call when having an issue is to simply ask for a refund. This is the first and easiest step to determine whether you are dealing with a genuine company or scammers. Sadly, getting your money back from a scammer is not as simple as just asking.  If you are indeed dealing with scammers, the procedure (and chance) of getting your money back varies depending on the payment method you used. PayPal Debit card/Credit card Bank transfer Wire transfer Google Pay Bitcoin PayPal If you used PayPal, you have a strong chance of getting your money back if you were scammed. On their website, you can file a dispute within 180 calendar days of your purchase. Conditions to file a dispute: The simplest situation is that you ordered from an online store and it has not arrived. In this case this is what PayPal states: "If your order never shows up and the seller can't provide proof of shipment or delivery, you'll get a full refund. It's that simple." The scammer has sent you a completely different item. For example, you ordered a PlayStation 4, but instead received only a Playstation controller.  The condition of the item was misrepresented on the product page. This could be the