Cybercriminals have copied dieci.ch

12.08.2024

On August 5, 2024, a website under the domain dleci.ch went live, displaying content identical to dieci.ch.


All content elements from dieci.ch, including the entire Dieci webshop, were copied and appeared on this phishing website.

Immediate countermeasures were taken to make the phishing website and fraudulent Google ads inaccessible as quickly as possible. These measures have been successful so far.

 

What were and are the risks, and what can you do?

 

For customers who are on dieci.ch and place orders there, there is and was no risk. Your data registered with us is not affected – Dieci has not been hacked.

Customers who accidentally landed on a phishing website through a fraudulent Google ad and entered their credit card details should contact their credit card issuer immediately. Additionally, the police recommend filing a complaint against an unknown person.

If you logged into your Dieci profile on the phishing website or are unsure if it was the correct website, please change your password on dieci.ch as a precaution.

 

Why do phishing websites exist?

 

Phishing websites are created by criminals attempting to steal sensitive data, such as credit card information in our case. Phishing is increasingly being covered in the press. Unfortunately, many individuals and companies have already had experiences with it, whether through a phishing SMS, email, or website.

Please note that phishing website domains can be easily altered by fraudsters. To protect yourself, always check the domain carefully – in our case, only dieci.ch is correct; we do not use any other domains.

Report dated August 9, 2024

 

Under the website dleci.ch, a phishing site appears that displays the exact content of dieci.ch. All content elements from dieci.ch, as well as the entire Dieci webshop under webshop.dieci.ch, have been copied and are currently displayed under the domain dleci.ch. Please note that the domain can also be slightly adjusted by the fraudsters.

 

Beware of fraudulent Google Ads

The site dleci.ch is presumably not directly accessible. It is reached through Google paid ads that closely resemble our own Google ads.

The ad domain is dipienci.org – clicking on the ads redirects you directly to dleci.ch. Here is an excerpt of such fraudulent Google Ads:

We use an internal system that monitors ads for our brand names (or similar). Dipienci.ch targets, among other keywords: dieci, dieci order, dieci pizza, 10 dieci.

The fraudulent ads were first detected on Monday, August 5, 2024.

 

How to recognize the fraud

The phishing website does not obviously differ from our website. Here are the elements that reveal the fraud:

  • The domain is dleci.ch, not dieci.ch; the webshop is webshop.dleci.ch, not webshop.dieci.ch – a small "l" instead of an "i".
  • On the phishing webshop, customers are asked to enter their credit card information as payment in the contact form (in English). On our site, customers are redirected to the website of our payment provider, Wordline.

 

Phishing website dleci.ch

(Distinguishable only by the domain)

Contact form on the phishing website dleci.ch (checkout page)

(The payment field is already visible)

Contact form of the original website dieci.ch

(We do not request payment information on our site.)

Clicking on ‘Continue’ redirects you to our payment provider Wordline. Please note that we are a franchise system and our franchisees are listed as the payment recipients.

 

What are the risks and what can you do

For customers who are on dieci.ch and place orders, there is no danger. Your data registered with us is not affected – Dieci has not been hacked.

We have taken various countermeasures to ensure that this phishing website is no longer accessible as quickly as possible. We are also in contact with Google to have the fraudulent ads deactivated as soon as possible.

Customers who accidentally arrived at dleci.ch through a fraudulent Google ad from dipienci and entered their credit card details should immediately contact their credit card issuer. Additionally, the police recommend filing a report against unknown individuals.

If you logged into your dieci profile on the phishing website or are unsure if it was the correct website, please change your password on dieci.ch as a precaution.