• 84 per cent of top 100 hundred brands leave their websites open for scraping and fraudulent use
• One in five bargain hunters deceived by fraudulent sites

Research released today raises worrying questions about the current ability of online retailers to protect their customers from the threat of online fraud.

The research, conducted by online brand protection specialists Global Brands Protection Ltd in November 2012, tested the websites of 100 of our most popular high street retailers, including John Lewis, French Connection and Debenhams, to assess how well their assets were protected online. Key components examined included the company logo, product images, trustmarks and payment pages – in other words, those items that a would-be criminal would require to give their fraudulent site a legitimate appearance to online shoppers.

Key findings for the top 100 brands investigated include:

• 61 per cent of logos and 84 per cent of main images are unprotected
• A mere 6 per cent of homepages included some sort of site validation. In addition, only 15 per cent featured a validation system on their payment pages
• Accreditation and trustmarks were either entirely absent or unsecured

Marc Howard, co-founder of Global Brands Protection Ltd, said: “The results were somewhat astounding. Of the 100 sites we assessed, a mere 39 had seemingly taken any steps at all to protect the assets on their websites. Fully 84 per cent had product images that could be taken and the payment pages of 85 per cent were unvalidated. Essentially what this amounts to is the perfect recipe for online fraud. Using basic site scraping tools it’s possible to create a mirror image of a site using logos, the product images, and any other items that a consumer might look to for reassurance, such as validation marks. By leaving key elements of their sites unprotected, they are incredibly vulnerable to copycat sites. In most circumstances, a brand only becomes aware of a problem when consumers report that they have been ripped off.”

Images and logos can be taken in seconds either manually or by automated software. From the simple ‘right-click’ facility to take images, to sophisticated web-scrapers, which are freely available on the internet, criminals can download all the images on genuine sites to give them the collateral to build fake websites. At present, once an image has been removed from a genuine website, it is extremely difficult, and often impossible, even with current search tools, to find out who is using a brand’s images, where they are being used and for what purpose, legitimate or otherwise.

Danny Howard, co-founder of Global Brands Protection Ltd, added: “The research revealed that although many top brands are concerned about online security, a lot more could be done. Gold stars go to Burberry and Footlocker, who have clearly made attempts to secure their IP online, but in general, the results are dismal. Online scams and fraudulent sites are becoming more sophisticated by the day, making it difficult for even the savviest shoppers to discern illegitimate sites from genuine. As many as one in five online shoppers on the lookout for a bargain inadvertently find themselves lumbered with fraudulent product[1], and often nothing at all. Taking into account that online retailers are in line for a bumper Christmas this year, with UK consumers expected to spend £4.6 billion online during the first two weeks of December[2], there’s a great deal at stake.”

“Tackling online fraud is an ongoing arms race against the ever more sophisticated use of technology. However, some relatively simple steps can be taken by retailers operating online to prevent their identities being stolen and used fraudulently,” Marc concluded.

[1] https://www.markmonitor.com/download/report/MarkMonitor_Shopping_Report-2012.pdf
[2] http://www.guardian.co.uk/money/2012/nov/12/online-retailers-expect-bumper-christmas