Why criminals spoof your domain name

To many people, online security requires nothing more thangood antivirus software, perhaps along withanti-malware softwareandanti-ransomware software. However, as Adenike Cosgrove from Proofpoint explains, domain spoofing, phishing, and online fraud are becoming increasing problems.

Cheap and easy domain registration, coupled with the introduction of new Top-Level Domains (TLDs), has led to a sharp increase in domain fraud. As attackers take advantage of this evolving domain landscape to target businesses and their customers, identifying and nullifying fraudulent domains is becoming progressively complex and the risk of email fraud continues to increase. 

As the legitimate domain universe has expanded, so too has the registration of their fraudulent counterparts. Total quarterly domain registrations rose 44% between Q1 and Q4 2018, with fraudulent registrations up 11% over the same period.

Such is the scale of the issue that 76% of organisations found lookalike domains posing as their own. A new tech-related TLD, .dev, launched in February of this year. Within two weeks, 30% of organisations found potentially fraudulent domains using it with their brand name. 

And attackers are not just increasing in number but in ingenuity too. There is no single smoking gun when it comes to spotting fraudulent domains. Attackers use a range of tactics, including:

• TLD squatting – registering identical brand-owned domain names with different TLDs – .co instead of .com, for instance. 
• Typosquatting – also known as URL hijacking, consists of registering sites close to someone else’s brand or copy