Published: December 13, 2021 on our newsletter Security Fraud News & Alerts Newsletter.
As we’re all getting back into the holiday spirit after a somewhat glum 2020 season, it’s important to remember that the holiday shopping season doesn’t end on December 25. In fact, some retailers put their marketing effort into overdrive. There are after holidays sales, new year’s sales, and even “getting rid of all this stuff we didn’t sell at Christmas” sales advertised under some creative title. Retailers try to take advantage of the shopping spirit as far into the new year as they can and those who like to capitalize on this by creating phishing campaigns combined with fake shopping sites with lookalike domains (domain jacking) or taking advantage of typos (typosquatting) are also upping their game.
In a study by FairWinds Partners, 80% of the sites used for domain jacking see a significant increase in traffic during these after season times. Phishing scams, pay-per-click ads, and malvertising are on the rise.
Do-jacking and typosquatting happen when a cybercriminal uses a domain that is very close to a popular site for various scams. Often, the website collects information to use it for other nefarious purposes or even just to sell on the underground markets. Sometimes, it is used to get malware onto a visitor’s computer or device.
The way these attacks happens is simply by taking advantage of mistakes. Perhaps a letter is added to a site name as it for barnesandnobles.com (the real one being without the “s” on the end), for example. They take advantage of people making typographical mistakes. With a quick glance, the user likely won’t notice the subtle difference. This also occurs when a letter may be substituted with a number; such as replacing a lower case “L” in a name with a number “1.”This is a very common problem with online banking sites or for sites where payment card data is entered, because cyberthieves know that the credentials associated with those sites are very valuable.
It’s advised that when preparing to do shopping online or enter any confidential, sensitive, or personally identifiable information into a website, you take a little extra time to review the site name and make sure it’s correct first. Don’t click links that you find in email messages or that show up on the side of your web browser, for instance. Instead, type the name into your browser, but definitely use caution when doing so, because going to a site even for a second can cause malware to be downloaded onto your device. This is called a “drive-by download.”
Always make sure your devices are all equipped with anti-malware and anti-virus software or applications and it’s kept updated at all times. This includes all mobile devices on any operating system.
If you are ever in doubt about a website’s authenticity, don’t put any data into it. Instead, do a little more investigating before doing anything further. There have been enough barriers to our joy lately. Don’t let do-jacking and typosquatting spoil the good times this year.
Keep up to date: Sign up for our Fraud alerts and Updates newsletter
Want to schedule a conversation? Please email us at firstname.lastname@example.org