Today, businesses around theworld rely on owned websites and domains to grow brand awareness and promoteand sell products and services. With e-commerce and online shopping at anall-time high, securing owned domains and removing malicious or spoofed domainsis imperative for protecting modern consumers and their personal informationfrom cybercrime. As cybercriminals often buy ‘look-alike’domains with the goal of impersonating a targeted organization online,domains offer attackers a wide, and potentially lucrative surface for attacks.
Impersonating an organizationor brand may involve swapping in similar characters (homoglyphs) or appendingkeywords such as “help,” “support,” or other plausible concatenations to theend of the URL. Similarly, attackers will append long strings of randomizedcharacters to a legitimate-looking domain, so that a user clicking on thisdomain will only see the first, credible-looking part of the domain beforerealizing they have become a victim.
With domain-based attacks onthe rise across industries, investing in domain protection should be a toppriority for organizations of all sizes. Given the various tactics used byattackers to perform domain-based attacks, it’s important for enterprises tounderstand the top tactics bad actors use so that they can better defend theirbrand and protect their customers.
Strategy number 1: Piggybacking
We often see attackersutilizing spoofed or look-alike domains in an attempt to appear credible bypiggybacking off the name recognition of well-known brands. These look-alikedomains may be parked or serving live content. Commonly, parked domains areused to generate ad revenue, however, these domains could very easily be usedto rapidly serve malicious content as well. These specific attack tactics canalso be used to serve other content that can be harmful to a brand’s image,like counterfeit goods.
Strategy number 2: Copycatting
Another common tactic used byattackers is called copycatting and involves creating a site that directlymirrors an organization’s legitimate webpage. This ..
Support the originator by clicking the read the rest link below.
