This scam campaign centers around a network of four fraudulent retail domains that share the same underlying infrastructure: susanjewelryco.com, stssy.com, www.kellerboutique.com, and easyscribe.co. All four domains were registered through GoDaddy.com, LLC within a tight timeframe between November 28, 2025 and December 3, 2025, indicating coordinated setup by the same threat actors. The domains are interconnected through 12 same-infrastructure relationships with moderate confidence levels of 0.50, suggesting they operate from shared servers or hosting arrangements designed to maximize the campaign's reach across different retail categories.
The campaign targets consumers across multiple shopping sectors, with susanjewelryco.com focusing on jewelry sales, stssy.com impersonating the legitimate Stussy clothing brand, and kellerboutique.com and easyscribe.co likely targeting fashion and lifestyle products. Community reports reveal the typical modus operandi of this network: consumers' debit and credit cards are charged immediately upon purchase, but victims either receive counterfeit products of obviously poor quality or no merchandise at all. One victim reported ordering rings from susanjewelryco.com and having their card charged without receiving email confirmation or products. Another victim received counterfeit "Ocean's Oath Gold earrings" that bore no resemblance to the advertised jewelry. A third victim was deceived by stssy.com appearing in legitimate Shopify app search results, demonstrating the campaign's sophistication in infiltrating trusted platforms.
The extremely recent registration dates of all domains, combined with their shared infrastructure and immediate consumer complaints, indicate this is an active and rapidly expanding fraudulent operation. The threat actors appear to be exploiting brand recognition (such as the Stussy impersonation) and legitimate platform integrations to gain consumer trust before executing payment fraud and counterfeit product schemes.
To protect yourself from similar scams, always verify website legitimacy by checking domain registration dates through WHOIS lookup services, as newly registered domains selling established brands are major red flags. Be wary of websites offering significantly discounted branded merchandise, especially if they appear in search results but lack official brand verification. If contacted by suspicious retailers through email or social media, do not click any links and instead navigate directly to known official websites. Report fraudulent websites and transactions to the FTC at reportfraud.ftc.gov or to the FCC for telecommunications-related fraud. You can verify the safety of domains and phone numbers through consumer protection websites and reverse lookup services before engaging with unfamiliar retailers.
This campaign represents a high-threat, active fraud network that consumers should avoid entirely. Immediate next steps include blacklisting all four identified domains, monitoring for additional domains registered through the same infrastructure, and alerting payment processors and e-commerce platforms about these fraudulent operations to prevent further consumer victimization.