Fake Bose site selling goods at stupid prices.

I have got a slightly unusual potential scam / phishing / ID and money theft or fake goods scam to report on today. Yesterday I received a message via our submission form about a look-a-like site selling Bose products. The reporter was a bit concerned, saying “This site looks impressive but the price reductions are massive. Not at all what be expected from Bose or even for Bose products.”  This intrigued me, so I have done a bit of digging around.

I have to say that it is a very well done scam site that will definitely fool many prospective purchasers. I don’t know where these scammers are spamming out the links, but they must be out there somewhere.

The  link I was sent is https://boseoutlet.myshopify.com/password This obviously is  a shopify shop.  However when you click on any link you end up on https://www.boseexclusive.com which allegedly sells current and discontinued Bose products. The prices are absolutely unbelievable. Bose are a high end product and normally charge extremely high prices for their “exclusive” products. This alleged outlet is selling items for between 10% and 30% of the stated retail price. But if you look on any of the genuine Bose stores worldwide, you will see that the stated full  retail price on this scam site is lower than on the genuine Bose sites.

All of this rings alarm bells, so we look a bit deeper. The genuine Bose site has country specific sites & domains and generally prohibit you buying goods from a different country. So in the UK we cannot buy from the USA site, where prices are slightly lower on some goods. There are normally outlet stores on all Bose official sites  where reconditioned goods are sold at between 10% to 20% discount from full price.

Now I cannot categorically state that this look-a-like imitation of Bose is a definite scam or criminal enterprise. What I can state is that anybody considering buying from them should be aware of the extremely high likelihood that you will either get no products at all and your identity, credit card details etc will be stolen and used by criminals. Or you will get a totally fake product manufactured somewhere in China or another Far Eastern country that has lax manufacturing or copyright controls,  that is potentially very dangerous.

These are a few screenshots from the site, taken while I was doing a test purchase with a Fake ID & test credit card number

Start with the shopify link

fake or look-a-like Bose Outlet shop

Next click any link to go boseexclusive.com which is probably embedding the shopify back-end into the site

fake or look-a-like Bose Outlet shop

Next choose an item

fake or look-a-like Bose Outlet shop

fake or look-a-like Bose Outlet shop

 

And add to basket

fake or look-a-like Bose Outlet shop

fake or look-a-like Bose Outlet shop

 

Next credit card details and this is where we find out that this is a Chinese scam or rip-off ( or at least performed by Chinese Speaking entities)

Fake Bose site selling goods at stupid prices.

fake or look-a-like Bose Outlet shop payment page

We can see that the Chinese  payment site is embedded in the fake Bose site via an Iframe to https://www.yhpays.com/index.php/Payway/securepay

screenshot of iframe code

screenshot of iframe code

If you go to the home page of https://www.yhpays.com/ you see you get a sign in for merchants or sub-accounts all in Chinese. This company might well be a legitimate Chinese payment company, but I have doubts on how legal or legit it is.

This domain is behind cloudflare and was only registered on 26 March 2019, allegedly by a Malaysian entity or person so again rings very loud warning bells. Any newly created company that takes credit cards is automatically suspect.

Domain Name: YHPAYS.COM
   Registry Domain ID: 2373192996_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.webnic.cc
   Registrar URL: http://www.webnic.cc
   Updated Date: 2019-03-26T02:00:31Z
   Creation Date: 2019-03-26T01:43:46Z
   Registry Expiry Date: 2020-03-26T01:43:46Z
   Registrar: Web Commerce Communications Limited dba WebNic.cc
   Registrar IANA ID: 460
   Registrar Abuse Contact Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
   Registrar Abuse Contact Phone: +603.89966788
   Domain Status: ok https://icann.org/epp#ok
   Name Server: AIDEN.NS.CLOUDFLARE.COM
   Name Server: MELISSA.NS.CLOUDFLARE.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2019-05-14T05:10:25Z <<<

Queried whois.webnic.cc with “yhpays.com“…

Domain Name: yhpays.com
Registry Domain ID: 2373192996_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.webnic.cc 
Registrar URL: webnic.cc 
Updated Date: 2019-03-26T01:43:46Z
Creation Date: 2019-03-26T01:43:48Z
Registrar Registration Expiration Date: 2020-03-26T01:43:46Z
Registrar: WEBCC 
Registrar IANA ID: 460 
Registrar Abuse Contact Email: This email address is being protected from spambots. You need JavaScript enabled to view it. 
Registrar Abuse Contact Phone: +60.389966799 
Domain Status: ok https://icann.org/epp#ok 
Registry Registrant ID: Not Available From Registry
Registrant Name: Domain Admin 
Registrant Organization: Whoisprotection.cc
Registrant Street: L4-E-2, Level 4, Enterprise 4, Technology Park Malaysia, Bukit Jalil
Registrant City: Kuala Lumpur
Registrant State/Province: Wilayah Persekutuan
Registrant Postal Code: 57000
Registrant Country: Malaysia
Registrant Phone: +60.389966788
Registrant Phone Ext: 
Registrant Fax: +60.389966788
Registrant Fax Ext: 
Registrant Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Registry Admin ID: Not Available From Registry

Now lets look quickly at boseexclusive.com where we see that this was also registered very recently on 30 April 2019 with everything behind privacy protection but hosted by EGIHosting who appear to be a joint USA / Chinese venture

Address lookup

canonical name boseexclusive.com.
aliases
addresses 172.120.117.119

Domain Whois record

Queried whois.internic.net with “dom boseexclusive.com“…

   Domain Name: BOSEEXCLUSIVE.COM
   Registry Domain ID: 2385868082_DOMAIN_COM-VRSN
   Registrar WHOIS Server: whois.namesilo.com
   Registrar URL: http://www.namesilo.com
   Updated Date: 2019-04-30T05:25:03Z
   Creation Date: 2019-04-30T05:25:03Z
   Registry Expiry Date: 2020-04-30T05:25:03Z
   Registrar: NameSilo, LLC
   Registrar IANA ID: 1479
   Registrar Abuse Contact Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
   Registrar Abuse Contact Phone: +1.4805240066
   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
   Name Server: NS1.DNSOWL.COM
   Name Server: NS2.DNSOWL.COM
   Name Server: NS3.DNSOWL.COM
   DNSSEC: unsigned
   URL of the ICANN Whois Inaccuracy Complaint Form: https://www.icann.org/wicf/
>>> Last update of whois database: 2019-05-13T13:27:43Z <<<

Queried whois.namesilo.com with “boseexclusive.com“…

Domain Name: boseexclusive.com
Registry Domain ID: 2385868082_DOMAIN_COM-VRSN
Registrar WHOIS Server: whois.namesilo.com
Registrar URL: https://www.namesilo.com/
Updated Date: 2019-05-12T07:00:00Z
Creation Date: 2019-04-29T07:00:00Z
Registrar Registration Expiration Date: 2020-04-29T07:00:00Z
Registrar: NameSilo, LLC
Registrar IANA ID: 1479
Registrar Abuse Contact Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Registrar Abuse Contact Phone: +1.4805240066
Reseller: domain manage
Domain Status: clientTransferProhibited https://www.icann.org/epp#clientTransferProhibited
Registry Registrant ID: 
Registrant Name: Domain Administrator
Registrant Organization: See PrivacyGuardian.org
Registrant Street: 1928 E. Highland Ave. Ste F104 PMB# 255
Registrant City: Phoenix
Registrant State/Province: AZ
Registrant Postal Code: 85016
Registrant Country: US
Registrant Phone: +1.3478717726
Registrant Phone Ext: 
Registrant Fax: 
Registrant Fax Ext: 
Registrant Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Registry Admin ID:

Network Whois record

Queried whois.arin.net with “n 172.120.117.119“…

NetRange:       172.120.0.0 - 172.121.255.255
CIDR:           172.120.0.0/15
NetName:        EGN-23
NetHandle:      NET-172-120-0-0-1
Parent:         NET172 (NET-172-0-0-0-0)
NetType:        Direct Allocation
OriginAS:       AS18779
Organization:   EGIHosting (EGNL-1)
RegDate:        2015-06-23
Updated:        2015-06-23
Ref:            https://rdap.arin.net/registry/ip/172.120.0.0


OrgName:        EGIHosting
OrgId:          EGNL-1
Address:        55 S. Market St.
Address:        Suite 1616
City:           San Jose
StateProv:      CA
PostalCode:     95113
Country:        US
RegDate:        2007-07-23
Updated:        2018-04-11
Comment:        http://egihosting.com
Ref:            https://rdap.arin.net/registry/entity/EGNL-1

IOCboseexclusive.com172.120.117.119egihosting.comyhpays.comboseoutlet.myshopify.com

Read more https://myonlinesecurity.co.uk/fake-bose-site-selling-goods-at-stupid-prices/

Add comment

By entering a comment, if it is of a commercial nature, you will be auto enrolled in our customer care course as detailed in our rate card.
By entering a comment you legally agree to the course and to pay. Thanks


Security code
Refresh