Adex - Barcelona - potential fraud

ADEX Discovers: Potential DNS Vulnerability and 3rd Party Fraud on FC Barcelona’s Official Website

Adex recently revealed a potential 3rd party fraud scheme at play involving one of the top European football clubs’ websites – FC Barcelona’s website.

Among the major Adex’s clients is a global ad network – PropellerAds, which employs Adex to check millions of ad campaigns being launched on their platform. The company is extremely meticulous regarding fraud prevention and brand safety.

On November 16, during routine automated campaign checks and monitoring, Adex specialists identified a suspicious link leading to the official website of Barcelona FC. This anomaly immediately alerted the anti-fraud squad and triggered the manual review process.

Adex - potential fraud on Barcelona's FC website
Adex - potential fraud on Barcelona's website

Upon scrupulous analysis, a mismatch of NS records in the second- and third-level domains has been spotted. The official website (root domain) is hosted on AWS (Amazon Web Services), yet the NS records of the subdomain are on Google Cloud DNS.

Adex - dig results - barcelona FC
Root domain
Adex - dig results - barcelona FC - potential fraud

Based on these facts combined with further research indicating that IP addresses do not match, we can say that this iGaming page is most probably fraudulent and likely started operating around October 26.

Fake subdomain

Clearly, the ad campaign was instantly banned to prevent any possible fraud attack. 

The contents of the subdomain webpage represented a huge risk not just in terms of brand safety but also of potential illegal gambling.

It is possible that the Football club didn’t notice the illegal activity due to several factors, including:

  • The subdomain was not indexed by Google
  • There was no traffic spike since the subdomain was hosted on a different server

Our leading anti-fraud expert adds: ‘It definitely doesn’t happen every day to expose such a fraud case. Usually, criminals mimic popular or authoritative websites by switching a letter or two in the domain name or copying the interface’s design. It’s a bold move to hijack a subdomain of a club loved by many and use their good name to deceive users.’  

Adex has already notified FC Barcelona regarding the uncovered fraud and will update this article should we receive any comments.

    Get a quote

    Your company is a...

    Our representative will be in touch with you within 1 business day