• Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Cyber Security Solutions, Compliance, and Consulting Services - IT Security

We offer It security management, data, network, & Information security services for protecting information & mitigating security risks to your organization.

  • Home
  • About Us
  • Solutions & Services
    • Security Governance
    • NETWORK SECURITY
    • CLOUD SECURITY
  • COMPLIANCE
  • SECTORS
  • Blog
  • CONTACT

Domain Impersonation Witnesses a Sharp Rise

By kamran | At June 4, 2022

Jun 04 2022

Domain Impersonation Witnesses a Sharp Rise

The average business sees almost 90 domains impersonating their business per month – that’s approximately 1100 domains per year on average. These fraudulent domains are set up by cybercriminals and sometimes even by threat actors sponsored by states to carry out such activities. 

A report by a digital risk protection company called Digital Shadows showed that the industry that is most at risk of such fake domains is the financial sector. The Photon Team of Digital Shadows analyzed a sample set of impersonating domains over 4 months of 2021, and found that each client was victim to at least 90 fake domains per month impersonating their brand name and company. 

According to researchers, setting up such fake domains is now easier than ever, especially due to the wide availability of phishing kits and tutorials. With enabling websites like 16Shop, an online marketplace for such criminal activities, fraudsters can now pick the brand they want to impersonate and get their fake website ready to go in just $50.

These cybercriminals often predict the typos people tend to make while searching for a particular name, and then buy domains with the misspelled name to mislead visitors. These impersonating websites are often used to conduct malicious activities. Financial organizations and healthcare are often the ones facing the most risk of being affected by such activities.

Why would anyone want to impersonate a domain?

The most common goal of impersonating websites is to collect user credentials – for example, some fake websites contain brand logos and require visitors to fill out a form. These websites are usually landing pages for phishing emails that include links to reset expired passwords or claim a prize.

This information is then used by malicious parties to access cable TV subscriptions, adult websites, and other user-sensitive material. Sometimes this data is also sold to the highest bidder in the dark market. Financial data and personal information, in particular, are always in high demand in underground marketplace websites and go for huge bid amounts.

Digital Shadows researchers noted that there was a growing number of impersonations of cryptocurrency exchange services in the past few months. And given the high-profile and trillion-dollar market value of cryptos, this trend isn’t surprising. Crypto wallets contain extremely sensitive data and the market is highly volatile, making them the perfect target for phishing.

Some cybercriminals and state actors also impersonate websites to drop malware on the machines of unsuspecting visitors. This technique was observed by researchers for the Vietnamese state-sponsored group called OceanLotus. OceanLotus would create websites that contained legitimate news articles and a few URLs that redirected to malicious content. This malware would be dropped on users’ machines and used to gather information about them. Digital Shadows noted that this operation showed sophistication in the way it was handled.

Threat actors also get a chance to conduct social engineering campaigns by spreading wrong information during periods of heightened uncertainty, such as elections. Stressed and curious people are the ones most vulnerable to such activities. 

Impersonating domains can also provide access to a target network that further allows threat actors to conduct a broader criminal campaign.

Written by kamran · Categorized: Cyber security threats

Primary Sidebar

Recents post

Healthcare Cybersecurity Roundup: Hospitals, Labs, and RCM Firms Targeted

Ransomware groups continue to … [Read More...] about Healthcare Cybersecurity Roundup: Hospitals, Labs, and RCM Firms Targeted

New Cyber Threats for Law Firms: ICC Attack, Firm Breaches, and AI-Driven Risks

With confidential client … [Read More...] about New Cyber Threats for Law Firms: ICC Attack, Firm Breaches, and AI-Driven Risks

Healthcare Under Siege: 3 Major Data Breaches + the Rise of Bert Ransomware

From ransomware attacks … [Read More...] about Healthcare Under Siege: 3 Major Data Breaches + the Rise of Bert Ransomware

Categories

  • AI and cybersecurity (2)
  • blockchain (1)
  • Cloud security (29)
  • Compliance (25)
  • Cyber security news (108)
  • Cyber security threats (376)
  • Cyber security tips (370)
  • Data Security (3)
  • E-Commerce cyber security (3)
  • Education cyber security (1)
  • Enterprise cyber security (7)
  • Financial organizations cyber security (4)
  • General (22)
  • Government cyber security (4)
  • Healthcare cyber security (19)
  • Information Security (2)
  • Law Firms Cyber Security (9)
  • Network security (9)
  • Newsletter (1)
  • Privacy (1)
  • Ransomware (14)
  • remote work (1)
  • Risk assessment and management (6)
  • Security management and governance (9)
  • SME Cybersecurity (2)
  • Software Security (2)
  • Supply Chain Attacks (5)
  • System security (3)
  • Uncategorized (29)
  • Vendor security (14)

Archives

Footer

Infoguard Cyber Security

San Jose Office
333 W. Santa Clara Street
Suite 920
San Jose, CA 95113
Ph: (855) 444-6004

Irvine Office
19800 MacArthur Blvd.
Suite 300
Irvine, CA 92612

Recent Posts

  • Healthcare Cybersecurity Roundup: Hospitals, Labs, and RCM Firms Targeted
  • New Cyber Threats for Law Firms: ICC Attack, Firm Breaches, and AI-Driven Risks
  • Healthcare Under Siege: 3 Major Data Breaches + the Rise of Bert Ransomware

Get Social

  • LinkedIn
  • Home
  • About Us
  • Solutions & Services
  • COMPLIANCE
  • SECTORS
  • Blog
  • CONTACT

Privacy Policy Terms of Use Acceptable Use

Copyright © 2025 | All right reserved