These Properties Are Spoofing Online Shops | WhoisXML API

Threat Reports

Online Shopping Danger? We Discovered 13K+ Cybersquatting Properties Targeting the Top E-Commerce Sites

Online shoppers have always been prone to cybercrime, such as financial scams, hacking, and credential theft. Domains and subdomains are common vehicles for these criminal activities, but more compelling are those that imitate major e-commerce sites.

When IBM X-Force Exchange1 reported a cybersquatting campaign targeting AliExpress, WhoisXML API researchers decided to look deeper and expand the DNS monitoring to include other major e-commerce platforms. Here are our key findings:

  • We found 13,700+ domains and subdomains added since 1 May 2022 imitating AliExpress, Amazon, Avito, eBay, Etsy, Rakuten, and Walmart.
  • Of these, 7,600+ properties actively resolved to 4,200+ IP addresses.
  • An alarming 7% or 960 cybersquatting properties have already been flagged as malicious barely a month after they were registered.

Download a sample of the threat research materials now or contact us to access the complete set of research materials.


  • [1]
Try our WhoisXML API for free
Get started