In the run-up to Christmas, one of the busiest times for online shopping and e-commerce, we are likely to see a spike in fraudulent domain name registrations.
Domain provider CSC analyzed threatening domains targeting 10 of the biggest brands in the world in a report published on December 6, 2022. These include Amazon, Walmart, McDonald’s, Tencent, Google, Microsoft, Apple and Facebook.
Of 8480 identified unique third-party domain names in their dataset, CSC found that 56% were linked to a live webpage, some of which offered “a range of high-concern content types, including fraud issues like potential phishing sites, and other brand infringements,” according to the report.
Also, 66% of the identified third-party domain names used domain privacy services, “indicating an intention by the owner to mask their identity,” and 35% were configured with active mail exchange (MX) records, “indicating their ability to send and receive emails, making them capable of launching phishing attacks,” the report reads.
While all of these three methods could hint at nefarious motivations, Ihab Shraim, CSC’s CTO, told Infosecurity that various domain name alteration techniques were “often smart and sometimes tricky to detect.”
Aside from the regular typosquatting, the act of changing, withdrawing or adding a character from the original domain name, 3% of the fraudulent third-party domain names used legitimate domains in a fraudulent way to trick users.
“For instance, as the US government uses websites with the whitehouse.gov domain name only, some threat actors registered whitehouse[dot]com or whitehouse[dot]org, which seem harmless but in reality, are fraudulent,” Shraim said.
The report shows a spike in new domain name registrations in April 2022.
No tags.
