Published: July 26, 2020 on our newsletter Security Fraud News & Alerts Newsletter.
Since 1998, a non-profit organization has been working behind the scenes helping the Internet highway be a safer place for us to travel. It’s called ICANN, and it helps keep domain names safe from hacking. ICANN stands for The Internet Corporation for Assigned Names and Numbers. It’s a big name, but simply put, it ensures a network's stable and secure operation. And now, ICANN is sounding the alarm about global large-scale attacks on domain names, the likes of which had yet to be seen.
For business owners, this alarm bell should be taken very seriously. Recently, ICANN reported on a serious spike against the Internet infrastructure, particularly the DNS. The DNS (Domain Name System) handles routing Internet traffic to the correct, legitimate website. ICANN works to make sure that domain names are legitimate and not a hoax designed to steal sensitive information. On a daily basis, employees go to countless websites to do their jobs. Hackers know this and are taking advantage of it with look-alike and typo domains. Look-alike domains are perfect for spear phishing attacks as the email address looks so close to the real thing that it is not noticed with a cursory check. Typosquatting takes advantage of a common mistake made by people every day... a typo. By purchasing the domains that just a typo away from the trusted website, cybercriminals can trick people into downloading malware or use a software vulnerability on the computer to inject malware without needed user permission.
For years they have been making very subtle changes in domain names that are very difficult to notice. This could be replacing an "O" with a zero or taking advantage of common typos such as using a "p" where its keyboard neighbor, "o" should be. If they’re successful, an employee is unwittingly led to a website–often a duplicate, there to steal data from a business–most notably financial data. This is called domain jacking or typosquatting. That’s surely an alert that business owners worldwide should really pay attention to.
In the interest of best security practices, ICANN offers several tips to help keep your business domain name, employees, contractors, and customers safe.
Immediately review and apply system security patches when available
Ensure passwords are long and complex, are not shared with others, and are periodically changed
Implement a lockout policy after incorrect passwords have been entered
Enable multi-factor authentication for all systems, especially for administrator access
Review unauthorized system access, especially having to do with administrators
Check internal controls involving administrator access
Train employees to double and even triple check the URLs before entering sensitive information into a website.
Consider using a service that checks the organization's domain name for similar ones that could be used for typosquatting and allows the organization to purchase those domain names to prevent this practice
“ICANN's mission is to help ensure a stable, secure, and unified global Internet. To reach another person on the Internet, you need to type an address – a name or a number – into your computer or other device. That address must be unique so computers know where to find each other. ICANN helps coordinate and support these unique identifiers across the world.” It’s up to individuals at the office and elsewhere to make sure everyone does their best to avoid being victims of typosquatting.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org