For many people, online security requires nothing more than good antivirus software, perhaps associated with anti-malware software and anti-ransomware software. However, as Proofpoint's Adenike Cosgrove explains, domain theft, phishing, and online fraud are becoming bigger and bigger problems.
Easy and inexpensive domain registration, along with the introduction of new top-level domains (TLDs), has resulted in a sharp increase in domain fraud. As hackers take advantage of this changing landscape to target businesses and their customers, the identification and deletion of fraudulent domains becomes increasingly complex and the risk of email fraud continues d & # 39; increase.
As the universe of legitimate domains has expanded, the registration of their fraudulent counterparts has also grown. The total number of quarterly domain registrations increased by 44% between Q2018 and Q11 XNUMX, as fraudulent registrations increased by XNUMX% during the same period.
The magnitude of the problem is such that 76% of organizations found that similar areas resembled their own. A new technology-related TLD, .dev, launched in February this year. Within two weeks, 30% of organizations found that potentially fraudulent domains used it under their brand.
And the attackers are not only growing in number, but also resourceful. There is no single gun to detect fraudulent domains. Attackers use a variety of tactics, including:
- TLD occupation: registration of identical domain names that belong to a trademark with different TLDs: .co instead of .com, for example.
- Typosquatting, also known as URL hijacking, involves registering sites close to the brand or copyright of third parties that target users who incorrectly enter a website address. in your browser (for example, "Gooogle.com" instead of "Google.com").
- Similarity areas - replacing letters with similar characters - using the letter m instead of rn, or an uppercase letter instead of a lowercase letter, for example.
Many fraudulent areas, 26%, even have security certificates, canceling years of advice to "trust the lock" when it comes to spotting something uncomfortable. This reinvigorated approach to domain fraud is causing the resurgence of another known form of attack: phishing.
About the AuthorAdenike Cosgrove is the Cybersecurity Strategist for International Markets at Proofpoint.
The phishing threat
Although they have long been part of the threat landscape, phishing attacks are on the rise: More than 80% of global information security professionals have been affected by phishing attacks in 2018, as highlighted in the report from 2019. Proofpoint Phishing Status. In the same year, reports of compromise on identifying information increased 70% during 2017, 280% more than in 2016.
The key to the success of such attacks is that they target individuals rather than technology, and domain fraud is one of the tools in cybercriminals' arsenal to launch more targeted attacks. In fact, 94% of companies have seen at least one fraudulent domain masquerading as their brand and emailing their customers. Many of these domains sent small volumes of email, suggesting company-designed and targeted attacks, such as compromising email.
If an attacker succeeds in capturing the identity information of the customer used to access your site, they are not just taking the personal data you have on that customer. Plus they now have everything you need for an ID padding attack. They can fraudulently access your clients' accounts with other organizations using the username and password combination you have saved for them.
Despite repeated advocacy from the cybersecurity community, credential reuse remains a frustrating practice. A recent Google survey found that 52% of Internet users reuse the same password with multiple accounts, while 12% use the same password for each account.
Count the cost of domain fraud
If you do not properly protect your digital printing against fraudulent domains, your customers are not exposed to the risk of fraud, scams and identity theft, they can also have serious consequences for your business.
Domain occupation can only be expensive. Spoofed domains can divert your site traffic and generate ad revenue. Or even worse, the sale of counterfeit products or services, which has an impact on revenue and undermines consumer confidence. The Methbot scheme, which has usurped 6,000 domains in the United States in recent years, diverted € 5 million in fraudulent revenue per day.
Add to that a phishing attack and you may find a much bigger problem: long-term damage to your reputation. In light of several recent highly publicized breaches, as well as the introduction of the GDPR, consumers have never been more interested in their own data.
Businesses that don't protect this data tend to pay the right price: 73% of customers would reconsider using a business if it didn't protect their data, while 30% said they would definitely go for something else.
Your fingerprint is a key part of your business. It is a vital link between you and your customers and shapes their experience with your brand.
Unfortunately, this also exposes you to digital risk, especially with regard to domain scams that target your business and your customers through an IT infrastructure often beyond your control.
To make sure you protect your digital footprint, and therefore your customers and your reputation, you need to regain control of this digital infrastructure. You are probably already taking precautions to protect your legitimate domains from attacks, now you should do the same for similar, suspicious or illegal domains.
Browse domain registries to find out which TLDs are available with your domain name and which ones are registered. Take action against those who could damage your brand or present a security risk. If you can, buy domains similar to yours, including common misspellings and those with alternate TLDs.
You must also remain vigilant. Make sure to continuously monitor the space around your fingerprint for suspicious activity, such as registering new domains. To address the increasing use of fraudulent domains by cybercriminals, it is essential that you take a proactive approach, taking advantage of all available tools to protect your revenue, reputation and customers.
Adenike Cosgrove is the Cybersecurity Strategist for International Markets at Proofpoint.