Store info is being cloned on imposter site

Solved

Store info is being cloned on imposter site

JHS1
Excursionist
17 0 2

Our url: www.justwalkers.com

clone wordpress site: justwalkers.shop

 

I added script given in other threads:  
<script>
if (window.location.hostname.replace(/\./g,'') !== "wwwjustwalkerscom") {
if (window.location.hostname == "{{ justwalkers.com }}") { (I also used the shopify sttore domain, but had the same result)
console.log("ok")
} else {
window.location.replace('https://www.reportfraud.ftc.gov')
}
}
</script>

 

This is directing our real site to the gov redirect site. I want the .shop site to be redirected. Can someone help?

I have reported the clone, but hosting is in Bulgaria, so I don't expect much to be done. I do see they are using The Open Graph Protocol and a wordpress site. not sure if that helps.

Thank you!

Accepted Solution (1)

Laza_Binaery
Shopify Partner
100 25 44

This is an accepted solution.

Hi @JHS1 

Sorry to hear about your issues. We were in a similar situation before.

 

First, that script would not work if you have it on your site. And I do not think they would copy it to clone site.

 

That clone looks like a clear scam, with those unrealistic prices but there are always some people who would still buy from them.

I suggest you try to report to as many places as you can. First, try the domain registrar https://abuse.sav.com/sav. I had some difficulties to

search more details on a domain but one online tool returned sav.com so try that. Also check this list and take some time to write reports with more details and exact product links. 

 

▼ Sites to Report Malicious URLs: ▼

• Google SafeBrowsing: https://safebrowsing.google.com/safebrowsing/report_phish/

• Microsoft: https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site

• Fortiguard: https://www.fortiguard.com/webfilter

• BrightCloud: https://www.brightcloud.com/tools/url-ip-lookup.php

• CRDF: https://threatcenter.crdf.fr/submit_url.html

• Netcraft: https://report.netcraft.com/report

• Palo Alto Networks: https://urlfiltering.paloaltonetworks.com/

• ESET: https://phishing.eset.com/en-us/report

• Trend Micro: https://global.sitesafety.trendmicro.com/index.php

• BitDefender: https://www.bitdefender.com/consumer/support/answer/29358/

• Forcepoint: https://csi.forcepoint.com/

• Symantec: https://sitereview.symantec.com/#/

• Kaspersky: https://opentip.kaspersky.com/

 

Good luck

 

Kind regards
Laza
www.binaery.com

View solution in original post

Replies 5 (5)

JHS1
Excursionist
17 0 2

I also tried this script: 

<script>
if (window.location.hostname.replace(/\./g,'') !== "wwwjustwalkerscom") || (window.location.hostname == "{{ just-walkers.myshopify.com/}}”) {
console.log("ok");
} else {
window.location.replace('https://www.justwalkers.com’);
}
</script>

Laza_Binaery
Shopify Partner
100 25 44

This is an accepted solution.

Hi @JHS1 

Sorry to hear about your issues. We were in a similar situation before.

 

First, that script would not work if you have it on your site. And I do not think they would copy it to clone site.

 

That clone looks like a clear scam, with those unrealistic prices but there are always some people who would still buy from them.

I suggest you try to report to as many places as you can. First, try the domain registrar https://abuse.sav.com/sav. I had some difficulties to

search more details on a domain but one online tool returned sav.com so try that. Also check this list and take some time to write reports with more details and exact product links. 

 

▼ Sites to Report Malicious URLs: ▼

• Google SafeBrowsing: https://safebrowsing.google.com/safebrowsing/report_phish/

• Microsoft: https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site

• Fortiguard: https://www.fortiguard.com/webfilter

• BrightCloud: https://www.brightcloud.com/tools/url-ip-lookup.php

• CRDF: https://threatcenter.crdf.fr/submit_url.html

• Netcraft: https://report.netcraft.com/report

• Palo Alto Networks: https://urlfiltering.paloaltonetworks.com/

• ESET: https://phishing.eset.com/en-us/report

• Trend Micro: https://global.sitesafety.trendmicro.com/index.php

• BitDefender: https://www.bitdefender.com/consumer/support/answer/29358/

• Forcepoint: https://csi.forcepoint.com/

• Symantec: https://sitereview.symantec.com/#/

• Kaspersky: https://opentip.kaspersky.com/

 

Good luck

 

Kind regards
Laza
www.binaery.com

Imogen
Shopify Staff
2045 226 388

Hey there, @JHS1! Thanks for taking the time to reach out to the Shopify Community today regarding this situation with your online store being cloned. My name is Imogen. It's good to meet you!

 

First, I recommend taking the time to report the page to whatever platform you suspect the page to be hosted on. This will make the platform aware of the situation at hand. You could also take the time to report the site to Google Safe Browsing for their awareness. You can also attempt to get some information regarding the entity by doing a WHOIS lookup and using the information found to get in touch with the platform hosting the content.

 

Our Teams have worked on some suggestions regarding coding that you can use to assist with stopping these duplications, as well as help get folks redirected to the proper store. I have the following code for you to consider. Before making any changes to your code, please make a back-up of your theme PRIOR to adding any new code to your theme files.

 

I want to note that this code is not something that we can guarantee will prevent duplications or resolve this issue. Different themes may require this code to be put in different spots of their coding. As Shopify Support Staff like myself are not trained on code, we cannot advise on specifically where you should put this code - someone else with more code experiencing may happen by this thread and make a suggestion, or you can hire a Shopify Partner to assist.

 

<script>
if(window.location.href.indexOf("merchantdomain.com") == -1) {
window.location = 'https://merchantdomain.com'; }
</script>

 

Shopify Support Staff like myself are not able to advise on legal advice or information, so we do recommend that if you want some guidance on other ways to go about addressing this situation regarding this imposter, to please consult a local expert on the topic so they can help you address the situation beyond how these reporting links and code suggestions may assist.

Imogen | Social Care @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit the Shopify Help Center or the Shopify Blog

JHS1
Excursionist
17 0 2

I have reached out to cloudflarenet, as they came up as IP. They gave me this as a response: :

Cloudflare received your DMCA copyright infringement complaint regarding: justwalkers.shop
Cloudflare offers network service solutions including pass-through security services, a content distribution network (CDN) and registrar services. Due to the pass-through nature of our services, our IP addresses appear in WHOIS and DNS records for websites using Cloudflare. Cloudflare cannot remove material from the Internet that is hosted by others.
Accepted URL(s) on justwalkers.shop:
https://justwalkers.shop 
        Hosting Provider:
        -----------------

        CloudWall Ltd.

        Abuse Contact:
        --------------
        abuse@cloudwall.bg
We have notified our customer of your report."

 

I also looked up cloudwall, and they are a basic webpage that has set up shop. I am not expecting help from them.

 

@Imogen  - would my code be written as you did, or would it be :

<script>
if(window.location.href.indexOf("justwalkers.com") == -1) {
window.location = 'https://justwalkers.com '; }
</script>

 

Imogen
Shopify Staff
2045 226 388

Hey again, @JHS1. Thank you for tagging me. The code snippet I provided is provided from one of our Internal Teams here at Shopify as part of a suggestion to assist with preventing cloning/redirecting stores during situations like these. As I mentioned in my previous post I'm not trained on coding (nor are any of our other frontline support staff) so I wouldn't be able to advise on how that code is meant to be written or what changes should be made to it. I recommend revisiting the expectations I set around that snippet for context around using it and what it may accomplish.

Imogen | Social Care @ Shopify 
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Mark it as an Accepted Solution
 - To learn more visit the Shopify Help Center or the Shopify Blog