Scam Campaign Report: Coordinated Online Retail and Financial Services Fraud Network
A consumer fraud campaign has been identified involving two domains, aurorasale.com and myftway.com, alongside United Group Inc., a company operating in the vehicle loan or lease industry with 78 Consumer Financial Protection Bureau complaints on record. The three entities have been flagged as connected through co-reporting relationships, meaning consumers have encountered these entities in overlapping contexts. While the confidence level on these connections is assessed at 0.35, the pattern of co-reporting across multiple relationship pairs warrants documented scrutiny and consumer awareness.
The domain aurorasale.com, registered on December 18, 2025, through NAMECHEAP INC, has drawn multiple consumer complaints related to non-delivery of goods advertised on social media platforms including TikTok and Facebook. Community reports describe a boneless sofa advertised for as little as $19.99, with consumers paying via Cash App and subsequently receiving confirmation emails containing non-functional tracking numbers. One report includes a specific confirmation number, FNB00000126WIS46, which could not be used to verify any shipment. The domain's very recent registration date is a common characteristic of short-lived scam storefronts designed to collect payments and disappear before consumer complaints accumulate.
The domain myftway.com, registered on July 31, 2025, through Cloudflare, Inc., has been co-reported alongside aurorasale.com by consumers and is associated with the same cluster. The use of Cloudflare as a registrar and hosting intermediary can obscure the true identity and location of the domain operator, a tactic frequently observed in fraudulent operations seeking to mask their infrastructure. The co-reporting relationship between myftway.com and aurorasale.com suggests consumers may have encountered both domains within the same purchasing or contact experience, though the specific nature of myftway.com's role in this campaign requires further investigation.
United Group Inc., operating in the vehicle loan or lease sector, carries 78 CFPB complaints, a volume that indicates sustained and documented consumer harm in financial services. Its co-reported connection to both aurorasale.com and myftway.com raises concern that consumers who fell victim to the retail scam elements of this campaign may have also been exposed to predatory or fraudulent vehicle financing offers, or that shared contact information and payment data may be flowing between these operations. The CFPB complaint count alone places United Group Inc. in a category warranting heightened regulatory attention.
Notably, community reports indicate that a legitimate business operating under the name Aurora Sales Inc. has been collateral damage in this campaign, with its employees receiving a flood of inquiries from consumers who confused the fraudulent aurorasale.com site with the real company. This impersonation pattern is consistent with scam operations that deliberately adopt names similar to established businesses to exploit consumer trust and complicate attribution efforts.
Consumers who have been contacted by or have interacted with aurorasale.com, myftway.com, or United Group Inc. should take the following steps. Do not click any links in emails or text messages associated with these entities, and do not provide additional personal or financial information. If contacted by phone, hang up immediately. Report any fraudulent experience to the Federal Trade Commission at reportfraud.ftc.gov and to the Federal Communications Commission at fcc.gov/consumers/guides/filing-informal-complaint. To verify whether a domain is safe before interacting, consumers can check registration details using WHOIS lookup tools such as lookup.icann.org and consult databases like the Better Business Bureau at bbb.org. Payments made via Cash App or other peer-to-peer platforms are generally non-reversible, but consumers should contact their bank or card issuer immediately if any linked account information was disclosed.
This cluster represents a moderate to elevated threat level given the combination of active social media-based retail fraud, domain infrastructure designed to obscure operator identity, and a co-associated financial services entity with 78 documented CFPB complaints. Recommended next steps include referral of aurorasale.com and myftway.com to NAMECHEAP INC and Cloudflare, Inc. for abuse review, continued monitoring of United Group Inc. complaint volume through CFPB channels, and coordination with social media platforms to remove fraudulent advertisements still in circulation. Consumers who have lost money are encouraged to preserve all correspondence, screenshots, and transaction records to support any future investigative or recovery efforts.