• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Cyber Security Solutions, Compliance, and Consulting Services - IT Security

We offer It security management, data, network, & Information security services for protecting information & mitigating security risks to your organization.

  • Home
  • About Us
  • Solutions & Services
    • Security Governance
    • NETWORK SECURITY
    • CLOUD SECURITY
  • COMPLIANCE
  • SECTORS
  • Blog
  • CONTACT

Domain Impersonation Witnesses a Sharp Rise

By Robert Roohparvar | At June 4, 2022

June 4, 2022

Domain Impersonation Witnesses a Sharp Rise

The average business sees almost 90 domains impersonating their business per month – that’s approximately 1100 domains per year on average. These fraudulent domains are set up by cybercriminals and sometimes even by threat actors sponsored by states to carry out such activities. 

A report by a digital risk protection company called Digital Shadows showed that the industry that is most at risk of such fake domains is the financial sector. The Photon Team of Digital Shadows analyzed a sample set of impersonating domains over 4 months of 2021, and found that each client was victim to at least 90 fake domains per month impersonating their brand name and company. 

According to researchers, setting up such fake domains is now easier than ever, especially due to the wide availability of phishing kits and tutorials. With enabling websites like 16Shop, an online marketplace for such criminal activities, fraudsters can now pick the brand they want to impersonate and get their fake website ready to go in just $50.

These cybercriminals often predict the typos people tend to make while searching for a particular name, and then buy domains with the misspelled name to mislead visitors. These impersonating websites are often used to conduct malicious activities. Financial organizations and healthcare are often the ones facing the most risk of being affected by such activities.

Why would anyone want to impersonate a domain?

The most common goal of impersonating websites is to collect user credentials – for example, some fake websites contain brand logos and require visitors to fill out a form. These websites are usually landing pages for phishing emails that include links to reset expired passwords or claim a prize.

This information is then used by malicious parties to access cable TV subscriptions, adult websites, and other user-sensitive material. Sometimes this data is also sold to the highest bidder in the dark market. Financial data and personal information, in particular, are always in high demand in underground marketplace websites and go for huge bid amounts.

Digital Shadows researchers noted that there was a growing number of impersonations of cryptocurrency exchange services in the past few months. And given the high-profile and trillion-dollar market value of cryptos, this trend isn’t surprising. Crypto wallets contain extremely sensitive data and the market is highly volatile, making them the perfect target for phishing.

Some cybercriminals and state actors also impersonate websites to drop malware on the machines of unsuspecting visitors. This technique was observed by researchers for the Vietnamese state-sponsored group called OceanLotus. OceanLotus would create websites that contained legitimate news articles and a few URLs that redirected to malicious content. This malware would be dropped on users’ machines and used to gather information about them. Digital Shadows noted that this operation showed sophistication in the way it was handled.

Threat actors also get a chance to conduct social engineering campaigns by spreading wrong information during periods of heightened uncertainty, such as elections. Stressed and curious people are the ones most vulnerable to such activities. 

Impersonating domains can also provide access to a target network that further allows threat actors to conduct a broader criminal campaign.

Filed Under: Cyber security threats

Primary Sidebar

Archives

  • [+]Cloud security (11)
  • [+]Compliance (14)
  • [+]Cyber security news (96)
  • [—]Cyber security threats (212)
    • 03 cyber threats expected to grow in 2020
    • 03 dangerous security assumptions to avoid
    • 04 top cloud security threats
    • 05 common social engineering tactics
    • 05 most common ways criminals scam you through social engineering
    • 05 signs that show you have been hacked
    • 05 ways malware can bypass endpoint protection
    • 06 ways to protect yourself against cybercrime
    • 07 benefits of cybersecurity awareness training
    • 09 Cybersecurity Threats to Watch Out For in 2019
    • 3 Huge Cyberattacks Show the True Extent of Cyber Crime
    • 3 Reasons Why Cybersecurity is More Important Than Ever
    • 3 TIPS TO SAVE YOUR BUSINESS FROM SUPPLY CHAIN ATTACKS
    • 3 ways to kick-start your organization's cybersecurity training
    • 3 ways to protect your business from ransomware attacks
    • 30% of SMEs have no data security, says study
    • 4 Cybersecurity trends in 2019
    • 4 Post-Pandemic Cybersecurity Trends
    • 4 Reasons why website security is important
    • 4 reasons your company needs cyber insurance
    • 4 Steps to Creating Effective Post-Pandemic Data Security
    • 4 ways to build a strong security culture
    • 5 Cyber Security Tips Every Small Business Owner Needs to Know
    • 5 Cybersecurity Measures Every Small Business Should Take This Year
    • 5 hard truths every CISO should know
    • 5 Industries That Top the Hit List of Cyber Criminals in 2017
    • 5 Key Components Of A Successful Cybersecurity Framework
    • 5 Methods to Make Customer Experience Safer
    • 5 myths CEOs believe about cybersecurity
    • 5 Steps to Prevent Cybersecurity Threats in Supply Chain
    • 5 Tips for Kickstarting Your Cyber Security Program
    • 5 tips to protect your organization from ransomware
    • 5 ways to control cybersecurity burnout
    • 6 Ways To Protect Yourself From Identity Theft
    • 95% of websites risk operating on outdated software with known vulnerabilities
    • All About Data Repository
    • All about ransomware
    • All about social engineering
    • America’s small businesses aren’t ready for a cyberattack
    • Are all Bluetooth security device secure?
    • Attacker’s phish Office 365 users with fake voicemail messages
    • Can Smart Cities be Hacked?
    • Can We Rely On Cyber Insurance?
    • Changing Trends in Cybersecurity Training
    • CLOUD COMPUTING CYBERSECURITY TIPS
    • Common Cybersecurity Myths Busted
    • Common types of cyber scams and how to avoid them
    • Common types of cybersecurity threats
    • Common Types of Phishing Attacks
    • Consumers Must Prioritize Safety Over Convenience
    • Credential Stuffing: The Newest Cybersecurity Threat
    • Cyber Crime is a Threat to the Energy Sector; Here’s Why
    • Cyber Intrusion: The Rising Cybersecurity Threat
    • Cyber Resilience vs. Cybersecurity: What’s the Difference and How to Build a Plan for Both
    • Cybercrime during COVID-19: 5 things every CISO needs to know
    • Cybercrime economy is worth $1.5 trillion in illegal profits: study
    • Cybercriminals are Capitalizing on Covid Vaccines to Launch Attacks
    • Cybercriminals are Resorting to Automated Attack Tools
    • Cybercriminals: Threat or Menace?
    • Cybercrooks increasingly targeting smart home devices
    • Cybersecurity and how to protect a company
    • Cybersecurity Challenges for Businesses in 2022
    • Cybersecurity challenges for small businesses
    • Cybersecurity in the Aviation Industry
    • Cybersecurity Needs to Improve if IoT is to Thrive
    • Cybersecurity Tips to Secure Your Business in 2022
    • Cybersecurity: Guiding Principles for Board of Directors
    • Developing Cybersecurity in Medical Devices
    • Did COVID-19 Pandemic Increase Cybersecurity Threats?
    • Domain Impersonation Witnesses a Sharp Rise
    • Elements of cybersecurity
    • Emerging cybersecurity threats to businesses
    • EVERYTHING YOU NEED TO KNOW ABOUT BRUTE FORCE ATTACKS
    • Five social engineering tricks and tactics employees still fall for
    • Four biggest healthcare security threats for 2020
    • Four questions to answer before paying a ransomware demand
    • Four significant changes coming to cybersecurity in 2020 and beyond
    • Hackers are outpacing defenses, a new report finds
    • Hackers are using famous file sharing services to hack email accounts
    • Healthcare Cybersecurity Risks in 2022
    • History of Cybersecurity and Hacking
    • Hospitals are becoming smarter than ever. But so are cybercriminals
    • How Can a Cyber Security Service Help Secure Your Organization
    • How Cybercriminals Exploit QR Codes
    • How Cybercriminals Steal Millions Using API Keys
    • How do I protect myself from ransomware?
    • How does spyware work?
    • How much can we rely on digital banking?
    • How much does it cost to launch a cyberattack?
    • HOW NEW TECHNOLOGIES AFFECT CYBER SECURITY
    • How Safe are Smart Homes?
    • How Safe is Your Small Business From Cyberattacks?
    • How Security Updates Can Save You From Targeted Cyber Attacks
    • How to Alleviate Third Party Cyber Security Risks
    • How to Check if Your Data Was Leaked in Facebook's Huge Hack
    • How to detect and prevent crypto mining malware
    • How To Identify Hoax Emails
    • How to Implement a Robust Vendor Risk Management Framework
    • How to Improve Cybersecurity in Your Supply Chain: 3 Effective Tips!
    • How to Make an Incident Response Plan
    • How to prevent, detect and defend against Credential stuffing
    • How to Protect Your Company’s IoT
    • How To Safely Work From Home: 6 Cybersecurity Tips!
    • How to secure server-less apps
    • How To Secure Your Systems With Anti-Malware and Host Intrusion Prevention
    • Importance of Cybersecurity In Wake of the Rising Challenges
    • Important building blocks of a robust cybersecurity and common cyber threats
    • Important Steps Board of Directors Should Take to Reduce Cybersecurity Risks
    • Information Security Governance Best Practices
    • Insider Trading Risks and the Financial Sector
    • IoT – The New Soft Spot for Attackers
    • Is Artificial Intelligence Another Big Threat to Cybersecurity?
    • Is Quantum Internet Impervious to Cyber Breaches?
    • Is Your Small Business Safe From Cyber Attacks?
    • Law Firms Cybersecurity Tips
    • LinkedIn Scams: Still the Most Popular Form of Phishing
    • MALWARE – THE LINGERING CYBERSECURITY THREAT
    • Malware and ways of detecting them
    • Newsletter: Law Firms and Cyber Ransom
    • North Korea has been targeting threat researchers
    • One in three organizations suffered data breaches due to mobile devices
    • Penetration Testing and Its Advantages
    • People - the Weakest Link in Cybersecurity
    • Petya ransomware and NotPetya malware
    • Phishing in 2020: Another Problem for an Already Difficult Year
    • Post-Covid Cybersecurity for Small Businesses
    • Predictions for the Cybersecurity Landscape of 2018
    • Predictions of Future Cybersecurity Trends in 2020 and Onwards
    • Protect backup from ransomware attacks and recover safely
    • Protecting against the changing cybersecurity risk landscape
    • Ransomware Attacks Continue to Grow
    • Reasons behind the rise in supply chain cyber-attacks
    • Reasons to Use Automated Threat Intelligence
    • Reasons Why Businesses Must Take Cybersecurity Seriously Than Ever
    • Reasons Why Cloud Security is Critical to Your Organization
    • REASONS WHY CYBER SECURITY ASSESSMENTS ARE IMPORTANT FOR ORGANIZATIONS
    • Reasons Why Law Firms Need Foolproof Cyber Security
    • Retail Industry Faces a Challenging Cyber Threat Landscape
    • Russia-linked gangs attack US critical infrastructure most often
    • Scammers Add an Extra Worry for Travelers Post-COVID
    • School Re-Openings Disturbed by Ransomware Attacks
    • Security Best Practices for Collaboration Platforms
    • Smishing and vishing: How these cyber attacks work and how to prevent them
    • Social Media - The Fastest Growing Threat Surface
    • Steps for building an effective incident response plan
    • Supply Chain Attacks Continue to be a Serious Threat
    • Supply Chain Cyber Attacks See a Troubling Rise
    • System Hardening and Cyber Security
    • The 4 biggest ransomware attacks of the last five years
    • The 5 Major Cybersecurity Threats Against the Healthcare Industry in 2021
    • The 5 Most Dangerous Types of Malware to Be Cautious of in 2020
    • The 5 types of cyber-attack you're likely to face in 2020
    • The 6 Biggest Cyberattacks of 2020
    • The 8 Best Cybersecurity Strategies for Small Businesses in 2021
    • The Benefits of Cyber Threat Intelligence for Your Organization
    • The Biggest Recent Data Breach Might Have Cost $58 Billion to Resolve
    • The common types of cyber attacks
    • The Correlation Between Cyber Insurance and Increasing Cyber Risk
    • The Cyber Security Challenges for the Asset Management Sector
    • The Cybersecurity Risks of Cryptocurrency
    • The Deadliest Ransomware Attacks to Lookout For
    • The Existing Hybrid Work Environment and Cybersecurity
    • The Future of Quantum Computers
    • The Hybrid Working Model and Cybersecurity
    • The Hybrid Working Model and Data Security
    • The Importance of Cyber Resilience in Cyber Security
    • The Increasing Risk of Ransomware Attacks
    • The majority of ransomware attacks are targeted at the United States
    • The Next Big Threat: Human Killing Cyberattacks
    • The Rise of Ransomware Attacks
    • The shortcomings of centralized server architecture
    • The three pillars of cybersecurity
    • The Top Cyber Security Threats Law Firms Will Face in 2019
    • Threat Actors Can Now Hijack Inter-connected Security Systems
    • Threat or Opportunity? Big Data and Cyber Security
    • Three signs you're socially engineered
    • Three ways to protect your supply chain from Cyber-Attack
    • Tips to optimize your VPN security
    • To Outsource or Not to Outsource Cyber Security
    • Top 3 Criminal Methods of Using Artificial Intelligence for Cyber Attacks
    • Top 3 Methods Cyber Criminals Are Using Artificial Intelligence
    • Top 5 Ways to Protect Your System from Ransomware Attacks
    • Top 6 Cybersecurity Threats for Law Firms
    • Top 8 cyber security risks of working from home
    • Top Cybersecurity Challenges of 2021
    • Top Cybersecurity Myths Busted
    • Top Cybersecurity Threats of 2022: Report
    • Two in three businesses faced insider attacks in 2020
    • Vishing, its Techniques and How to Prevent it
    • What are the Cyber Risks Posed by the Metaverse?
    • What Is a Backdoor Attack?
    • What is Botnet and how to prevent Botnet attack
    • What is Malware and Types of Malware?
    • What is Ransomware and How to Prevent It
    • What is scam and types of scam?
    • What is SIEM software? How it works and how to choose the right tool?
    • What is Smishing and How to Avoid it
    • What is spyware and its types?
    • What is the incident response? 05 steps for building a robust IR plan
    • What is Typosquatting and How to Stay Safe
    • What is WireGuard? Secure, simple VPN still in development
    • Which Industries at Higher Risk of Cyber Attacks in 2021
    • Who is a target for ransomware attacks?
    • Who is Most Vulnerable to Cybercrime: New Report Reveals Surprising Insights
    • Why 2021 Could Witness an Outbreak of Ransomware Attacks
    • Why Cybersecurity Has to Be a CEO Level Matter
    • WHY CYBERSECURITY IS THE ANSWER FOR THE SHARING ECONOMY?
    • Why Is Cyber-Security So Important to the Healthcare Industry
    • Why Passwords Are Now a Thing of the Past
    • Why You Should be Concerned About How Phishing Attacks are Evolving
    • World’s largest data breaches
    • Worms – The New Cyber Security Threat
  • [+]Cyber security tips (201)
  • [+]E-Commerce cyber security (3)
  • [+]Enterprise cyber security (2)
  • [+]Financial organizations cyber security (2)
  • [+]General (26)
  • [+]Government cyber security (2)
  • [+]Healthcare cyber security (4)
  • [+]Law Firms Cyber Security (3)
  • [+]Network security (3)
  • [+]Newsletter (1)
  • [+]Ransomware (6)
  • [+]Risk assessment and management (4)
  • [+]Security management and governance (5)
  • [+]System security (3)
  • [+]Uncategorized (14)
  • [+]Vendor security (10)

Footer

Infoguard Cyber Security

San Jose Office
333 W. Santa Clara Street
Suite 920
San Jose, CA 95113
Ph: (855) 444-6004

Irvine Office
19800 MacArthur Blvd.
Suite 300
Irvine, CA 92612

Recent Posts

  • Tips to Create a Solid Information Security Policy
  • Why Your Business Must Have a Vendor Risk Management System
  • Common Cybersecurity Myths Busted

Get Social

  • LinkedIn
  • Home
  • About Us
  • Solutions & Services
  • COMPLIANCE
  • SECTORS
  • Blog
  • CONTACT

Copyright © 2022