Businesses and consumers are being warned to stay vigilant as the threat domain fraud continues to rise.
Reports show that cybercriminals are now registering millions of domain names every year in a bid to impersonate household brands. Given all you need to register a domain name is internet access, domain name fraud is as cheap as it is easy; all criminals have to do is purchase the domain names they want, copy the websites linked to those domains then buy or create security certificates and phony company documentation to make them look legitimate.
Cybersecurity experts Proofpoint recently published their 2019 Domain Fraud Report in which they highlight the latest trends in domain fraud and explain how cybercriminals drive victims to the fraudulent domains they’ve set up.
One of the most worrying tactics the report suggests is simply to “hide in plain sight” by using the same TLDs (top-level domains which are the last part of the domain name, e.g. .com, .co.uk or .net), registrars and web servers used by legitimate domain names. Proofpoint’s research reveals that just as 52% of the new domain registrations made last year ended in .com, so did 40% of fraudulent domain registrations.
The Domain Fraud Report also shows just how much of a threat domain name fraud is for businesses.
While Proofpoint’s clients come from a wide variety of industries, there were some concerning statistics common to all sectors:
- 76% of their clients had found “lookalike” domains posing as them
- 85% of their clients who sold product via their websites found sites selling counterfeit versions of those products and an incredible
- 96% found exact replicas of their current domains with a different TLD
- 94% of the fraudulent domains Proofpoint’s researchers found were actively sending email
The report also suggests that price and recent market developments play a huge part in influencing criminal behaviours. For example just after the .dev TLD was launched 30% of those who had bought domains with that TLD found fraudulent domains using .dev within 2 weeks of it becoming available.
As lawyers who specialise in all forms of digital fraud we have seen a sharp increase in the number of clients coming to us to find a way to mitigate the damage caused to their businesses by domain name fraud. Our experience has taught us there are several steps businesses can take to minimise the risk of being targeted by and falling victim to domain name fraud and those steps are:
1. Choose a good domain registrar company
Don’t choose your registrar solely on price. Make sure they also offer other security features like 2-factor authentication, DNS management and, in the event of an attack, 24 hour technical support.
2. Enable your 2-factor authentication
Even if someone does get held of your username and password, the second stage of the authentication process should stop them getting any further.
3. Enable domain locking
This will stop criminals transferring your domain name transfers to another registrar.
4. Enable WHOIS protection
WHOIS protection will severely limit the amount of personal information you have to share on the Internet, information that could be used against you later.
5. Choose a VERY strong password
To create a very strong password make sure it has 8 characters or more, avoid words you’d find in the dictionary, mix uppercase and lowercase letters and use numbers and symbols.
6. Change your password periodically
Change your passwords at least once a quarter and use the ‘very strong’ rules above when you’re setting a new one.
7. Keep your domain contact details up to date
A lot of domain names are commandeered because the contact information is old which plays straight into a hacker’s hands. Similarly if you’re contact details aren’t current, your registrar won’t be able to alert you if something does happen.
8. Never share your domain register login details with anyone you don’t trust 100%
Most changes to your site can be made without having to share your login details with the person doing the work but if it’s genuinely unavoidable set up a sub-account and restrict the privileges and accesses it permits so the supplier can’t do anything more than you’ve agreed.
9. Don’t answer emails asking for your login details
Phishing (obtaining your personal details via fake emails that look like they’ve been sent by someone you know or recognise) is a daily occurrence. I you receive an information request you weren’t expecting or are suddenly asked to follow a link to input some confidential information, don’t. Contact the seller and make sure it’s legitimate before you take any action.
10. Use different companies to register and host your domain
If all of your domain information is in one place and a criminal hacks it their access will be complete and the potential damage to your business will be far greater. Instead of going with what’s easy, split the risk by keeping your domain and hosting separate.
If your website has been cloned or compromised or if you’ve lost money via or purchased counterfeit goods on a fake website and you want to talk to lawyers who know exactly what you should do next, please call us today on 020 7792 5649 or email us at This email address is being protected from spambots. You need JavaScript enabled to view it..
We will help.
