According to the latest report, cybercriminals have recently been found mimicking some of the biggest brand domains in the world in hopes of tricking online consumers. The illegal practice, popularly known as cyber-squatting, is impersonating major companies. The report mentions the Royal Bank of Canada as one of the top global brands whose domains are being impersonated by cyber crooks in their effort to make fake websites look authentic.
As per the reports, the domains most commonly ripped off for illegal online activities are related to some of the biggest companies in the world including social media platforms, search engines, shopping, banking and websites. Their primary focus is to launch scams and phishing attacks on unsuspecting consumers to obtain their online credentials and sometimes even money.
Cyber-squatting is a process whereby fake domain names are registered that dupe consumers into believing they are officially part of the popular existing brand domains, commonly by misspelling the names. While it is not only done with malicious intent, many of these domains could pose cybersecurity threats to users via this illegal practice in the states.
According to the cybersecurity experts, as many as 5,104 fake domain names registered in December 2019 exhibited hostile URLs within the domain, while 2,595 domains were discovered to be ill-natured as they went about distributing malware or directed phishing attacks. The report also revealed the most attacked domains include some of the biggest names in the online world such as Amazon, Netflix, Apple and Paypal to name a few. The cybersecurity experts also added that the unethical domains had a different agenda from last December. For instance, Amazon-India.online was particularly targeting smartphone users in India to obtain their credentials, while Samsungeblya iphone.com was sighted to steal credit card information of users by hosting Azorult malware.
These malicious domains specialize in taking advantage of loopholes and vulnerabilities in the international domain registration system that allows virtually anyone to register a domain that is similar, but not identical, to a pre-existing domain.
Experts believe the cyber-squatting techniques will continue to evolve with time, given the current state of the pandemic situation, where the world has moved online. Now online scammers are using futuristic squatting techniques, from level-squatting to typo-squatting to sound-squatting. The past few months have also witnessed cyber criminals taking advantage of hot topics that relate specifically to Coronavirus.
Cybersecurity experts advise brand domains to closely monitor their traffic and block any unwanted domains, while online consumers and users must be diligent to ensure that they correctly type the domain names, and verify the domain owners are legitimate before entering the website. Cyber criminals who use such illegal methods often register their domains at some dark web or shady DNS providers/parking services that are responsible for hosting abused domains.
For more news and updates from the cybersecurity world, Follow us on Facebook, & LinkedIn or Contact us. Feel free to call us 406-646-2102 or mail sales@ExcelliMatrix.com.
