How Cloned Firms Operate and How to Avoid Them

Online scammers have evolved well beyond phishing emails and fake phone calls. Building websites used to be a significant task, even for web programmers. With so many AI (artificial intelligence) tools now available, nearly anyone with a computer and an internet connection can create a world-class-looking website.

One of the most popular online scams today uses cloned websites: near-perfect replicas of legitimate company websites designed to trick visitors into handing over money, personal data, or both.

These counterfeit sites steal identities, drain victim bank accounts, and harm trust in the real online business that was cloned. This article breaks down how cloned firms work and, more importantly, equips you with practical steps to stay safe.

What Are Cloned Firm Websites?

A cloned firm is a fraudulent website that mimics the design, content, and branding of a real, regulated company—often a financial services provider, investment firm, or brokerage. Scammers don’t just copy a logo; they replicate entire layouts, copy text verbatim, and even forge regulatory badges to appear authentic.

Website users who are already interested in the legitimate service are often misled by a simple one- or two-letter change in the URL between the real website and the clone. Victims believe they’re dealing with a trusted entity, only to lose funds to wire transfers, cryptocurrency deposits, or stolen credentials.

Real-world impact: The UK’s Financial Conduct Authority (FCA) reports that clone scams caused over £100 million in losses in 2023 alone, with similar trends globally. Worldwide, losses run into the billions of dollars, and both the number of scams and the amount lost are growing each year.

How Cloned Firms Operate: A Step-by-Step Breakdown

Scammers follow a sophisticated playbook to build and exploit cloned sites. However, they repeat these steps over and over, and that leaves breadcrumbs that cyber-intelligence agencies working to catch the scammers can follow.

Here’s how it typically unfolds:

1. Real Website/Company Target Selection
Scammers choose high-value, trusted firms (e.g., banks, crypto exchanges, insurance companies, and pension advisors). Essentially, they look for companies in industries with many customers and a high turnover of new customers, who can be tricked into clicking on the clone instead of the real website. They also prioritize companies with complex services, like banks and financial institutions, where victims are less likely to notice red flags immediately.

2. Website Cloning
Using web scraping tools, they copy HTML, CSS, images, and text from the real site. Subtle changes are made: a different domain (e.g., `realbank-login.com` vs. `realbank.com`), altered contact details, and of course fake testimonials, fake employees, and so on. An SSL certificate is added, usually from a free provider such as “Let’s Encrypt”, so the site can display the padlock icon.

3. Lead Generation
– Paid ads: Scammers bid on branded keywords (e.g., “Real Bank login”) to appear above the real site in Google and Bing Ads.
– Domains with spelling errors: Registering domains like `g00gle.com` or `barclays-bnk.com`.
– Spam email/SMS: “Your account is locked—log in here to verify.”

Despite the effort real institutions make to keep customers safe, if a user clicks on a fake email link, there’s little that can be done to avoid it. The best defense comes from education (such as articles like this).

4. The Sting
Victims are prompted to:
– Enter login credentials (harvested for real accounts).
– Make “verification” payments to scammer-controlled wallets.
– Download “security software” (actually malware).

Once funds or data are captured, the site often vanishes or redirects to the real firm.

Red Flags: How to Spot a Cloned Firm

Notice that we put a “red flag” section in every post on this website.  Even savvy users can be fooled, but these warning signs help to raise immediate alarm and awareness:

What to Check On a Website

Suspicious URL – Does it match the official domain exactly? Look for extra hyphens, `.co` instead of `.com`, or odd endings (TLDs), as in `g00gle.top`.

Urgency – “Act now or lose access!”—legitimate firms don’t pressure like this. 
Unusual Payment Requests – Requiring crypto, or gift cards to “verify” identity. 
Poor Grammar – Subtle typos, broken links, or images that don’t load properly.  Scammers aren’t renowned for great spelling.

Contact Info – Phone numbers or emails not listed on the official site. 

No Regulatory Proof – Missing or fake license numbers—cross-check with official registries (e.g., FCA, SEC). This is the #1 red flag on the scams we’ve seen.
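
The URL check above can be automated against a list of domains you already trust. The following Python code is an added example, not part of the original article: it flags the lookalike patterns the article names (`realbank-login.com`, `g00gle.com`, `barclays-bnk.com`, `.co` in place of `.com`). The allowlist, the digit mapping, the two-letter threshold and the function names are assumptions made for illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist standing in for your own bookmarked official domains.
OFFICIAL = ("barclays.com", "google.com", "realbank.com")

# Digit-for-letter swaps of the g00gle.com kind (assumed mapping, not exhaustive).
DIGIT_SWAPS = str.maketrans("013457", "oleast")


def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def compare(name, real_name):
    """Return how `name` imitates `real_name`, or None if it does not."""
    plain = name.translate(DIGIT_SWAPS)
    if name == real_name:
        return "tld-swap"              # realbank.co vs realbank.com
    if plain == real_name:
        return "digit-substitution"    # g00gle vs google
    if real_name in plain.split("-"):
        return "added-keyword"         # realbank-login vs realbank
    if edit_distance(plain.replace("-", ""), real_name) <= 2:
        return "near-miss-spelling"    # one or two letters changed
    return None


def check_url(url, official=OFFICIAL):
    """Classify a URL or bare hostname against the official domains."""
    host = urlsplit(url if "//" in url else "//" + url).hostname or ""
    # Simplification: treat the last two labels as the registered domain.
    # Multi-label suffixes such as .co.uk need the Public Suffix List.
    domain = ".".join(host.rstrip(".").split(".")[-2:])
    if domain in official:
        return ("official", domain)
    name = domain.rpartition(".")[0]
    for real in official:
        verdict = compare(name, real.rpartition(".")[0])
        if verdict:
            return (verdict, real)
    return ("unknown", None)
```

Any verdict other than `official` means the link should not be trusted; `unknown` only says the domain does not resemble an entry in the list, not that it is safe.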

How to Avoid Cloned Firms: Your Action Plan

Prevention beats recovery. The user has the biggest role in not becoming a victim.

Follow these steps every time you interact with a financial site:

1. Bookmark Official Sites
Save direct links to login pages. Never click email or ad links. NEVER!

2. Verify with a Trusted Third-Party Website
– Type the URL yourself or use a trusted search engine.
– Use tools like:
  – [FCA Warning List](https://www.fca.org.uk/scamsmart/warning-list)
  – [SEC Investor.gov](https://www.investor.gov/)
  – [IC3.gov](https://www.ic3.gov/) (FBI Internet Crime Complaint Center)

Don’t be swayed by what’s written on a website. You’ll need to verify it with an independent trusted site.

3. Enable Two-Factor Authentication (2FA)
Even if credentials are stolen, 2FA blocks unauthorized access.

4. Scrutinize Ads and Emails
For example, hover over links to see the real URL.  

5. Report Suspicious Sites

Forward phishing emails to `report@phishing.gov.uk` (UK) or `spam@uce.gov` (US).
Report fake sites to the authentic company or bank if you are a customer of theirs. Your message might be the first they’ve heard of it.

What to Do If You’ve Been Targeted

We’ll have more to say on this in another article, but here’s a good short list of steps to take if you feel you’ve become a victim of a scam.

1. Act fast: Contact your bank to freeze accounts.
2. Change passwords on all related accounts.
3. Scan for malware using reputable antivirus software.
4. File reports with local cybercrime units and the real firm.

Remember, awareness is your strongest defense.   

Contact us if you’d like more information on how cyber intelligence can help you locate scammers.

Please share this guide with friends and colleagues.

Michael Turner
