One of the oldest tricks in the cybercriminals’ book, pervasive in the early days of the internet, is an attack type called domain fraud. Cyber fraudsters would employ a number of tactics to trick users in to visiting fraudulent domains. Among these fraud tactics, two stood out as the most common: typosquatting and domain spoofs.
In typosquatting, scammers register domains using a close and common misspelling of a popular domain, luring visitors intending to visit a popular website. They might, alternatively, use a url that looks like the intended site’s address at a glance. Hoping that some users won’t notice the misspelling in the URL, cybercriminals use their impostor domains for phishing schemes that aim to steal sensitive information.
In domain spoofs, cyber attackers go a step further by registering domains that look like the real deal. In addition to phishing schemes, these types of sites might be used to sell counterfeit products or conduct other kinds of illegal activities.
Unfortunately, domain fraud isn’t just a relic of the past. In the past few years, these classics of hacking have been coming back with a vigor, spurred on by the ever-growing volume of top-level names on the web.
Cybersecurity advisors and analysts are aware of the rising popularity in domain attacks, and they have been educating clients accordingly. One common piece of advice is to make sure users are making sure they visit sites using secured HTTPS addresses, rather than ones using HTTP. However, researchers have also found that approximately 25% of these attacks employee secured https sites in their schemes.
To go further in the battle against domain-fraud attackers, organizations can employ cyber intelligence that keeps an eye out on emerging attacks, leveraging the data to keep visitors away from known fraud sites.
Lunarline has a range of products and services that can help your organization stay away from spoofed or fraudulent domains. We can bolster your internal security teams with up-to-date cyber intelligence or conduct cyber hunts to uncover attack plans before they strike.
For more information on how Lunarline can help, contact us online today.