The Prado Museum has reported to the Police that someone has cloned its website and is selling fake tickets in the name of the institution. In a message on its official Twitter profile, the art gallery warns that the fraudulent page and its ticket purchasing procedure are exact copies of the official ones.
The Prado Museum has explained to elDiario.es that it has become aware of the impersonation through daily scanning of the network to detect mentions of the institution or this type of practices. He has not heard of any visitors with false tickets, so he anticipates that the intention of the attack may have been to obtain the victims’ card numbers, official sources state.
Cloning a website is a simple cyber attack usually directed against e-commerce pages, shows or hotels. Cybercriminals replicate the website of the target institution and make subtle changes to the URL that can mislead users who fall into it. On this occasion, the address of the fake page is delpradomuseo.com and instead museodelprado.com, which is the original.
The most complicated part of this type of maneuver is managing to divert traffic from the authentic website to the fraudulent one. In this case, it seems that cybercriminals have purchased a sponsored space on Google that causes their page to appear before the official portal of the Prado Museum itself in the results of some searches, as elDiario.es has been able to verify.
elDiario.es has notified Google of the situation. This is not the first time that these sponsored results in the search engine, in which third parties pay a sum to appear in the top positions, have been used to try to launch scams. This medium described how pages that impersonate the Tax Agency, Social Security or parcel delivery companies have used them to trick users into calling 118 numbers, which have a special rate of up to 11 euros per minute.