Luxury Brands Face Wave of Impersonation via Over 1,300 Suspicious Domains Ahead of Holiday Season
Published on October 30, 2025
- Massive scale: Over 1,300 suspicious domains registered between August and September 2025, with more than 1,200 specifically impersonating 23 top luxury brands.
- Coordinated effort: A significant spike in late September showed coordinated patterns and recurring email addresses, indicating an organized operation.
- Staged for attack: Most are currently inactive or parked, suggesting they are being staged for activation during high-traffic periods.
A large-scale campaign of high-end fashion brand impersonation may be preparing to target consumers ahead of the 2025 holiday shopping season. A clear spike of 800 domain registrations occurred in late September, indicating a coordinated effort to prepare infrastructure for upcoming phishing campaigns and other fraudulent activities.
Tactics Used in Brand Impersonation Scams
A new report from BforeAI has uncovered 1,330 suspicious domains created between mid-August and late September, with 1,213 of them abusing the names of prominent brands, like:
- Gucci,
- Prada,
- Rolex,
- Louis Vuitton,
- Chanel,
- Dior,
- Versace,
- Dolce & Gabbana.
The campaign employs a variety of deceptive tactics to lure unsuspecting shoppers. Threat actors register domains using keywords like "outlet," "store," "sale," and "vip" to create a false sense of legitimacy and attract consumers seeking discounts.
Analysis also revealed the use of automated or bulk domain registration, creating numerous lookalike sites with sequential numerical patterns. These domains are poised to become active during major sales events, presenting a significant risk of financial loss and data theft for consumers.
Some domains use typosquatting or misspelled variants of brand names, while multiple domains further blend scam operations with counterfeit e-commerce, focusing on replica buyers, fake giveaways, and slot-based or gambling prize lures.
Risks and Implications for Brands and Consumers
This surge in malicious domains poses severe holiday shopping threats and significant reputational risk for the targeted companies. Once active, these sites can be used for phishing, selling counterfeit goods, or outright financial fraud.
For consumers, the risk involves submitting sensitive personal data and payment information to fraudulent sites. For brands, these impersonation attacks can lead to a loss of consumer trust and revenue.
The findings underscore the growing need for enhanced cybersecurity for fashion brands, including proactive domain monitoring and rapid takedown capabilities to mitigate the impact of such widespread brand abuse.
Bfore AI recommends:
- Proactively registering high-risk brand variants and common keyword combinations
- Developing pattern-based continuous intelligence monitoring dashboards organized by registrar, TLD, and keyword to track brand abuse
- Public awareness campaigns
- Incident playbook development
In August, gambler panel scam operations with an affiliate network were seen targeting victims through fake online casinos. Meanwhile, Singapore ordered Meta to implement Facebook anti-scam measures under the new Criminal Harms Act.
Related
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular
Get expert insights on threats, breaches, scams, and security trends — delivered every Monday.
Most Popular