Brand recognition is a big part of the luxury business – something cybercriminals are well aware of. To capitalize on consumer trust, they’re setting up fake domains to trick users with seemingly small, plausible offers to appear authentic, ramping up their activity around key shopping seasons.
Researchers at PreCrime Labs, the research division of BforeAI, identified a total of 1,330 domains between mid-August and late September 2025, with 1,213 posing as one of the 23 examined luxury brands. Some of the brands include Gucci, Prada, Louis Vuitton, Rolex, Chanel, Dior, Versace, and Dolce & Gabbana.
Some of them also appear as “boutique” and “outlet” variations, trying to appear legitimate or entice consumers with fake discounts.
According to researchers, the domains were registered shortly before the high-peak holiday season – and not linked to any of the legitimate company names or emails. While many sites are currently inactive, BforeAI’s PreCrime predictive security platform flagged a few as potentially likely to go live during the busy holiday shopping period.
The team also noted the likely presence of a coordinated operator or reseller network in charge of the campaigns, as certain email addresses, such as “murphywuonline@gmail[.]com”, were spotted across multiple domains. Researchers also mention an uptick in threat actors capitalizing on trending news, particularly about current geopolitical events, such as tariffs.
In late September, a total of 800 suspicious domains were registered, accounting for 67% of all those in the dataset. The largest spike in domain registrations occurred on September 11th, 2025, which researchers explain by the upcoming high-traffic “shopping season” events like the Diwali, Hanukkah, and Christmas celebrations.
Most remain parked or inactive, which likely means they’re being held for future use. In cases like this, domains are typically activated around major promotional events like Black Friday and other holiday sales. This gives them a short-lived cycle where they can exploit the potential to capitalize on brand recognition to the maximum.
Researchers note that many of the luxury brands are tailored for an in-store experience – and these were typically less likely to be targeted, such as Van Cleef and Tag Heuer, which had less than 10 identified domains.
The uptick in fake domain registrations also coincides with US trade tariffs, as numerous Chinese sites were observed using “factory outlet” keywords to pose as a legitimate outlet selling heavily discounted luxury items.
To avoid reputational and financial damages, retailers are advised to prevent domain abuse by proactively registering high-risk brand variants, monitoring brand abuse, and educating customers on safe purchase practices.
Your email address will not be published. Required fields are markedmarked