Beware, online shoppers! Cybercriminals have registered over 100,000 look-alike domains that resemble popular retail websites

0
976
  • These look-alike domains use valid TLS certificates to appear safe and trusted.
  • These fake domains have been created to target 20 retailers in the U.S., U.K., Germany, France, and Australia.

As the opportunities for e-commerce platforms increases, threat actors have found multiple ways to trick online shoppers to steal money and sensitive data.

What’s the new trick?

  • According to a recent investigation done by Venafi, it has been found that cybercriminals have registered more than 100,000 look-alike domains that closely mimic the legitimate websites of popular retail websites.
  • These look-alike domains use valid TLS certificates to appear safe and trusted.
  • The number has almost doubled when compared to 2018 and the TLS certificates used are 400% high.
  • These fake domains have been created to target 20 retailers in the U.S., U.K., Germany, France, and Australia. One of the top U.S. retailers has over 49,500 look-alike domains targeting their customers.
  • Over half (60%) of the look-alike domains studied use free certificates from Let’s Encrypt.

Protection steps

Online retailers should take several steps to protect their customers. This includes:

  • Search and report suspicious domains using Google Safe Browsing. It helps the industry to identify and blacklist dangerous websites.
  • Add Certificate Authority Authorization (CAA) to the DNS records of domains and subdomains. By adding CAA records retailers can specify which CAs can issue certificates for domains they own.

Customers are also advised to follow a few basic security tips while shopping online. This includes:

  • Check the websites with online scanners to find it’s integrity.
  • Check the website safety and reputation before adding personal details.
  • Check the website spelling, logo and contact details.