**Scam Campaign Report: MAFF Inc. Domain Infrastructure Fraud Network**
Our analysis has identified a coordinated scam campaign operating through three interconnected domains: aurilena.com, opulirene.com, and zuriora.com. All three domains were registered through MAFF Inc., with aurilena.com and opulirene.com both registered on July 10, 2025, and zuriora.com registered six days later on July 16, 2025. The domains share the same underlying infrastructure with moderate confidence levels of 0.50 across all connection points, indicating a deliberate effort to create multiple fraudulent storefronts using coordinated technical resources.
Community reports reveal this network is actively impersonating legitimate retailers through sophisticated social media advertising campaigns. Multiple consumers report encountering fraudulent advertisements on TikTok and Instagram that mimic established brands like Swanka-A-Posh and Sundance. The scammers create convincing replicas of legitimate retail websites and use urgent sales tactics, including fake "going out of business" promotions. Victims report completing purchases through these fraudulent checkout systems but never receiving their ordered merchandise. When consumers attempt to contact customer service, they receive false promises about express shipping that are never fulfilled.
The campaign demonstrates a clear pattern of retail fraud targeting social media users who believe they are shopping with familiar, trusted brands. The rapid registration timeline of all three domains within a six-day window in July 2025, combined with their shared infrastructure, indicates this is an organized operation designed to maximize consumer deception while minimizing detection. The use of multiple domains allows the scammers to continue operations even if individual sites are reported or taken down.
**Consumer Protection Advice:** If you encounter online retail advertisements, especially those promoting urgent sales or business closures, verify the legitimacy by visiting the retailer's official website directly rather than clicking advertisement links. Check domain registration dates using WHOIS lookup tools - newly registered domains advertising established brands are major red flags. If contacted by suspicious retailers or if you click on questionable links, immediately close the browser tab and do not enter personal or payment information. Report fraudulent websites and advertisements to the FTC at reportfraud.ftc.gov or file complaints with the FCC. To verify if a domain is safe, use online reputation checkers and search for consumer complaints about the specific website before making any purchases.
This campaign represents a moderate-to-high threat level due to its coordinated infrastructure, sophisticated brand impersonation tactics, and active targeting of social media users. Consumers should exercise extreme caution when encountering retail advertisements on social platforms and always verify merchant legitimacy through independent channels before making purchases. The interconnected nature of these domains suggests this operation may expand to additional fraudulent storefronts, requiring continued monitoring and consumer awareness.