Cloudflare received an abuse report regarding:
asosrussia.ru
Please be aware Cloudflare is a network provider offering a reverse proxy, pass-through security service. We are not a hosting provider. Cloudflare does not control the content of our customers.
The actual host for asosrussia.ru are the following IP addresses. 95.217.68.51. Using the following command, you can confirm the site in question is hosted at that IP address: curl -v -H «Host: asosrussia.ru» 95.217.68.51/
Below is the report we received:
Reporter: Anonymous
Reported URLs:
http://asosrussia.ru
Logs or Evidence of Abuse: Hello,
We have discovered a suspected fake shop being hosted on your network:
http://asosrussia.ru [172.67.134.68]
This attack targets our customer, ASOS, website URL https://www.asos.com/.
We have good reason to suspect this site to be a 'fake shop' selling goods belonging to the brand 'ASOS', a fraudulent online store created for the theft of consumer payment information and/or the illicit provision of counterfeits.
Like phishing scams, fake shops fraudulently induce victims to enter their bank card details and typically charge them for the purchase as well as stealing those card details. The victim will usually receive nothing in return or only counterfeit goods.
A combination of the following factors identify a shop as fake:
* Newly registered domain, often registered on a recently expired domain.
* The domain name does not match the brand or brands contained on the site.
* Highly discounted prices on all the products in the store, often over 50% with all items being in stock with a large arbitrary number of units in stock.
* The layout of the site is very generic — it just displays the products, with no accompanying text, often using a default theme.
* Either with fake contact details, or there is neither an address nor a contact phone number for the company running the website — the contact page is often just a form.
* Some sites offer seals of security on the bottom of the page (e.g. 'SSL Secured', 'Verified by Visa', or 'Verisign Secured'), but these are just images.
* The store may have limited information about delivery and other policies, or text copied from legitimate sites.
* The sites do not use an HTTPS issued by an HTTPS SSL certificate authority, which you would expect on legitimate online shops.
We understand that this site is simply a redirect, however this site is directly involved in the attack as it redirects to fraudulent content. Plus, the redirect is controlled by a fraudster so can be reused for future attacks, making its removal all the more important.
We have attached a letter evidencing Netcraft's authority to raise this request on behalf of our customer, ASOS.
Please remove this fake shop and work with us to protect legitimate businesses and online consumers.
Additionally, please keep the fraudulent content safe so that our customer and law enforcement agencies can investigate this incident further once the site is offline.
More information about the detected issue is provided at https://incident.netcraft.com/7d1d51ebc4c3/
Many thanks,
Netcraft
Phone: +44(0)1225 447500
Fax: +44(0)1225 448600
Netcraft Issue Number: 34987023
Please address this issue with your customer.
Regards,
Cloudflare Trust & Safety
