Online wine scams became a bigger threat as cyber criminals sought to take advantage of more people and businesses organising virtual drinks and ordering bottles on the internet in the wake of Covid-19 restrictions, a report suggests.
So-called ‘phishing emails’ were a particular concern, according to findings published in April by US-based group Recorded Future in partnership with Area 1 Security.
From January 2020 onwards, the authors found a significant rise in legitimate wine-themed web domain registrations using terms like Merlot, Pinot, Chardonnay or Vino.
Monthly registrations began rising in February and peaked in May 2020, hitting 12,400 per month.
They then hovered at around 7,000 to 9,500 per month up to March 2021, which is two to three times above pre-pandemic levels, according to the report’s data.
But the authors also found a sharp increase in wine-themed domain names that were deemed ‘malicious’, especially from around April 2020 onwards.
‘It appears that it took some time for cyber criminals to catch on to the idea of using wine in malicious activities,’ the authors said.
‘Tracking malicious wine-themed domains as a percentage of total wine domains registered shows that the peak as a percentage of total wine-themed domains was in June 2020 at 7%.’
Since then, that figure has been around 3% to 5%. While that’s relatively low compared to some other sectors, the authors said their data shows that growing interest in wine online has not escaped the notice of scammers.
‘The majority of activity we saw over the last year revolved around spam campaigns,’ Allan Liska, security architect at Recorded Future, told Decanter.
‘They appear primarily designed to get victims to click on websites for ad revenue purposes or to buy questionable wine-related products.
‘There also seems to be an interest in harvesting email addresses and other personal information. This data is collected and often sold on underground forums (often referred to as the Dark Web).’
He added that some scammers were targeting company employees.
‘The most serious threat, which accounted for about 13.5% of the email campaigns observed, is Business Email Compromise. These are emails that are designed to trick victims into wiring funds to the attacker under the guise of a business purpose.
‘These could be as simple as, “You need to pay this invoice for the wine your boss ordered”, to more complex attacks that purport to come from the CEO or other senior management.’
While the report mostly looked at threats to companies, Liska said that individual wine lovers were also at risk. Plus, ‘most individual wine lovers don’t have the professional email filters that organisations often do’.
His advice was to check domain names, email addresses and content carefully.
‘Scammers have gotten more sophisticated over the years, so what we recommend is take a breath before clicking on any link. If an offer seems too good to be true it most likely is.
‘If you get an email that you are suspicious of, ensure that the domain is one that you recognise.’