Recently, there has been a rise in online fraud schemes exploiting the well-known sports retail brand Decathlon. Numerous fake contests have appeared on social media platforms, particularly Facebook, aiming to steal personal data and payment information.
As a global brand, Decathlon has become a target for cybercriminals who use similar fraudulent techniques across different countries. The company’s Philippine branch has already flagged this issue, and similar scams have been observed in the Benelux region, Spain, and the Czech Republic. Fraudsters constantly adapt their methods to local users and languages, making it increasingly difficult to detect fake websites.
How the Scam Works
The fraudulent scheme typically follows a similar pattern: a fake Facebook account shares a post about an alleged contest organized by Decathlon. The prizes often include backpacks, bicycles, or other attractive products. The scammers’ profile may initially seem legitimate, but a closer look often reveals suspicious details, such as an unusually low number of followers or an excessive number of fake-looking accounts interacting with the posts.
These scam posts generate high engagement, with numerous likes, shares, and comments that create an illusion of credibility. Some users even post photos of supposed prizes they have won, further reinforcing the deception. However, most of these accounts are either fake profiles or compromised accounts belonging to real users.
Fake Websites – A Trap for Users
The fraudsters lure users into clicking on links in their fake posts, redirecting them to websites that closely resemble the official Decathlon online store. However, upon closer inspection, several red flags become apparent:
- The URL does not match Decathlon’s official website.
- The Decathlon logo, shopping cart icon, and user account section are often non-functional.
- The website may feature a section that appears to be a Facebook discussion thread, but it is actually just an image with no interactive functionality.
A key part of the scam is the contest itself. Regardless of the answers provided, the user is always declared a “winner” and is then asked to pay a verification fee (in the Czech Republic, this fee is 49.90 CZK). Since the amount is relatively small, many victims proceed to enter their payment card details, unknowingly exposing themselves to financial fraud and potential theft from their accounts.
Cybercriminals continue to refine their tactics, and scams involving the Decathlon brand have become one of the latest methods of data theft. “The most important defense remains user awareness and caution online—checking comments under posts, verifying the URL address, comparing it with the official website and ongoing promotions, and using security software such as ZoneAlarm, which warns against phishing and suspicious websites,” emphasizes Wojciech Głażewski, General Manager of Check Point Software Technologies in Poland.
Source: ManagerPlus
