Collaborate Disseminate
One big threat out there is typosquat domains. For example instead of:
steamcommunity.com some malicious actor will register the domain stearncornmunity.com and set up his fake steam login.
Why do companies not buy these "fake domains… Continue reading Why don’t bigger companies buy similar domains to their main domain to prevent typosquatting?
It has become a mantra for businesses targeted by hackers to describe the incident as a “sophisticated cyber-attack”. Although true in some instances, the reality is that most cyber-attacks involve the use of easily preventable tactics including phishi… Continue reading Defeating typosquatters: Staying ahead of phishing and digital fraud
A Nigerian national, Obinwanne Okeke, has been sentenced to 10 years in prison for allegedly coordinating an international spearphishing campaign that has cost victims approximately $11 million in losses. The scheme, which lasted from 2015 to 2019, targeted Unatrac Holding Limited, a British firm that acted as the export sales office for Caterpillar, with fake invoices and wire transfer requests. The FBI opened an investigation into the alleged scam in 2018 after Unatrac raised alarm about an email compromise operation that had targeted the firm, according to court documents. The scheme collected the credentials of hundreds of victims over the course of the operation, according to the FBI press release on the matter. It’s the kind of business email compromise scam that plagues businesses around the world. There were $1.7 billion worth of losses caused by BEC scams in 2019 alone, the most recent year the FBI has published data […]
The post Nigerian man sentenced 10 years for $11 million phishing scam appeared first on CyberScoop.
Continue reading Nigerian man sentenced 10 years for $11 million phishing scam
Proofpoint has filed a lawsuit against Facebook arguing that it should be allowed to use domains that imitate the Facebook and Instagram brands to test customers’ ability to avoid online scams. Cybercriminals often imitate popular brands’ sites, including Facebook and Instagram, to dupe unsuspecting users, then pilfer their credentials or distribute malware. Proofpoint is one of several security companies that provides customers with phishing training that includes look-alike domains of popular brands in order to test clients’ wits on avoiding common cons. By sending messages that appear to be from “Instagrarn” rather than “Instagram,” for instance, Proofpoint and other email security firms test clients’ ability to detect attacks. Social media sites, particularly Facebook and Instagram, are typically among the top most imitated in criminals’ so-called typo-squatting schemes, according to Palo Alto Networks research published in September. The suit, filed Tuesday in an Arizona district court, is a countersuit to Facebook’s […]
The post Proofpoint sues Facebook over dummy sites used for anti-phishing training appeared first on CyberScoop.
Continue reading Proofpoint sues Facebook over dummy sites used for anti-phishing training
Malicious redirection websites are using typosquatting and impersonation to attack unwary visitors. Continue reading Xfinity, McAfee Brands Abused by Parked Domains in Active Campaigns
I have a web application which uses an external authentication server for obtaining a session. When a client tries to login, the browser is making requests towards the external authentication server until a cookie is obtained. Note that th… Continue reading Protecting an external authentication server against CSRF
The most imitated websites that credential-stealing, financially-motivated hackers have resorted to mimicking include Wells Fargo, Netflix, Facebook, and Microsoft, according to new Palo Alto Networks research published Tuesday. Some of the other top brands that hackers have mimicked with typosquatting, a technique that relies on victims glancing over typos in website names that appear similar to other popular legitimate sites, also include PayPal, Apple, Royal Bank of Canada, LinkedIn, Google, Apple’s iCloud, Bank of America, Dropbox, Amazon, and Instagram, according to the research, which examines data collected in December 2019. The hackers have been using these malicious domains to distribute malware, reward scams, run phishing campaigns and technical support scams, Palo Alto Networks’ Unit 42 researchers said in a blog post. Of nearly 13,857 squatting domains registered in December, 18.59% are malicious, “often distributing malware or conducting phishing attacks.” Typosquatting has long been a favorite tactic for attackers looking to […]
The post The most popular brand websites hackers use for typosquatting campaigns appeared first on CyberScoop.
Continue reading The most popular brand websites hackers use for typosquatting campaigns
The Department of Homeland Security last week told election officials to be wary of suspicious websites that impersonate federal and state election domains and could be used for phishing or influence operations. The Aug. 11 bulletin distributed by DHS’s Office of Intelligence and Analysis, which CyberScoop reviewed, listed roughly 50 suspicious domains that were purporting to offer information related to voting and elections. “These suspicious typo-squatting domains may be used for advertising, credential harvesting and other malicious purposes, such as phishing and influence operations,” the advisory says. “Users should pay close attention to the spelling of web addresses or websites that look trustworthy but may be close imitations of legitimate U.S. election websites.” Typosquatting is an issue that litters the internet and affects every sector because it is cheap and easy for anyone to set up a website that mimics the spelling of a legitimate one. A 2018 study found […]
The post Feds warn election officials of potentially malicious ‘typosquatting’ websites appeared first on CyberScoop.
Continue reading Feds warn election officials of potentially malicious ‘typosquatting’ websites
I had a typo and npm installed something that is similar in name to something very popular — I was concerned about typosquatting. It’s quite plausibly legitimate and just a coincidence. I looked at the corresponding package and didn’t s… Continue reading How much damage can a malicious package do with just "npm install <package>"?
Has someone done an actual study on how effective typo domains are versus random websites in phishing links?
I am trying to justify the expense of going after typosquatters and the possibility of the domains being used as a phishing attac… Continue reading Has someone quantified how much more effective typodomains are than random websites in phishing attacks?