Fake French Keen websites: scam / phishing

[NotaInutilis]

Prerequisites

• [X] This is not a support issue or a question. For support, questions, or help, visit /r/uBlockOrigin.
• [X] I performed a cursory search of the issue tracker to avoid opening a duplicate issue.
• [X] I am running the latest version of uBlock Origin (uBO).

I tried to reproduce the issue when...

• [X] uBO is the only extension.
• [X] uBO uses default lists and settings.
• [X] using a new, unmodified browser profile.

Description

Malicious URL faking the identity of a non existant French branch of the Keen shoes brand. They also rank pretty high on search engines (Google, DuckDuckGo, Bing). Official webpage for France is https://www.keenfootwear.de/en/

URL(s) where the issue occurs.

Fakes:

keen-chaussure.fr
keen-france.fr
keenshoesfrance.com
keenfrance.fr
keen-fr.com
keen-chaussures.com
keenfrancefr.com
keenfr.com
keen-chaussures.fr

Screenshot(s)

No response

uBO version

1.51.0

Browser name and version

Firefox 116.0.1

Settings

None

Notes

Some urls have already been reported on Signal Arnaques https://www.signal-arnaques.com/scam/view/368864 Not quite sure if it's a scam or a phishing scheme, but it still is malicious either way.

[gorhill]

Looks like this should be reported as per https://gitlab.com/malware-filter/phishing-filter#issues:

Please report new phishing URL to PhishTank or OpenPhish.

[NotaInutilis]

Yeah, I wasn't quite sure it was the right place to post but I checked some closed issues with the same kind of URLs so it seemed it could belong here. I've sent the report to OpenPhish, PhishTank is unfortunately closed to subscriptions for the moment. It's my first time contributing to these lists and it's actually pretty confusing to figure out where to report what and how.

Anyway, thanks for checking this and thanks for your work with uBo!

[iam-py-test]

Might be worth reporting to Google/M$: M$: https://www.microsoft.com/en-us/wdsi/support/report-unsafe-site-guest Google: https://safebrowsing.google.com/safebrowsing/report_phish/

[NotaInutilis]

Thanks for the heads up! It's done but boy, their forms are super inefficient and we have to paste links one by one…

Do you know if there is some kind of reporting guide with all the links you shared with me here (and even more)? It'd be useful to a lot of folks not familiar with FOSS but that could still report the malicious websites they encounter.

[iam-py-test]

Here are a few: https://www.youtube.com/watch?v=0fIUiv9-UFk