Mon | Sep 27, 2021

Collin Greenland | Investigating fraudulent websites

Published:Sunday | June 30, 2019 | 12:00 AM
Collin Greenland

In this modern era, characterised by the emergence of complex and multilayered cybercrimes, a study commissioned by leading security application ‘Bromium’, and presented by Dr Michael McGuire, has found that the cybercrime economy has grown to US$1.5 trillion annually.

The commonplace and ubiquitous use of websites in today’s electronic age increasingly has provided fertile hunting ground for cybercriminals plotting to rip off not only businesses with sophisticated security defences, but also the average consumer who is less equipped to protect himself.

Many government agencies and consumer-protection organisations mercifully, are now offering guidance publicly on how to avoid and protect themselves from scams and frauds channelled through websites.

Some of the most common tips that have emerged include

- scrutinising the URL.

- checking the connection security indicators.

- examining the certificate details.

- looking for endorsement by established organisations (trust seals).

- examining the domain carefully.

- noting excessive spelling or grammatical errors.

- testing the “contact us” section.

- researching the registration via a “who is” check.

- exploring the shipping/return policy.

- scrutinising the forms of payments requested.

- tracking their digital footprints, and so on.

However, in cases where these tips were not known or heeded, and persons/organisations become victims of these nefarious websites, investigative actions are required to unmask the operators.

Fortunately, experienced cyber sleuths are aware of various organisations and websites that assist in identifying shady websites and offer their services at our favourite price: gratis!

Some of these include websites such as ‘Who Is Hosting This’, ‘’, and possibly the most known internationally, ICANN (Internet Corporation for Assigned Names and Numbers). This is a private non-profit corporation that allocates space for IP addresses and manages domain names (among other things), using a service called ‘WHOIS’, and it provides a long list of biographical information for every website in the world.

It is important to note, however, that investigative sites such as ICANN are not as useful when used to access information from websites protected by a domain privacy service (or proxy protection service) and used by site owners who wish to preserve their privacy for both legitimate or other reasons. Superstar entertainers and sportspersons, for example, may have perfectly legitimate websites for publicity reasons but zealously protect their privacy from fans, stalkers, blackmailers, etc.

Similarly, unscrupulous site owners who need to remain anonymous have a plethora of domain privacy services to choose from in the open market, including services like Who Is Guard, Proxy Protection, Domains by Proxy, Security Trails, Surface Browser, Deteque, Domain Tools, among others.


Investigators, however, must acknowledge that in most jurisdictions worldwide, unearthing hidden information on a protected website is illegal unless armed with the requisite legal authorisation such as a court order or a valid subpoena from a law enforcement agency.

Proficient investigators, however, have found ways to circumvent this challenge, such as, for example, querying a passive DNS/WHOIS server (as opposed to a live WHOIS database).

In advanced economies such as the United States, for example, the government offers internet fraud detection services through agencies such as the FBI, the Bureau of Consumer Protection, and the Federal Trade Commission. These US government agencies also offer guidance on avoiding and combating fraudulent sites as well as provide lists of known perpetrators.

Reputable organisations that track this information for free include the Better Business Bureau’s Scam Tracker, which allows you to search by keywords, scam type, location, and date.

Fake INet is another free service that provides a scam finder search box. Enter the URL of a suspicious website, and, if guilty, Fake INet displays the site onscreen. Other such free services include Scam Detector and We Get Scammed For You.

Notwithstanding these investigative insights, particularly the availability of free services, one should always seriously consider engaging experienced, qualified professionals to conduct these investigations as identifying, detecting, analysing, and reporting the deeds of unscrupulous website operators, like any other fraud investigation, is fraught with pitfalls for the uninitiated.

- Collin Greenland is a forensic accountant. Email feedback to and