Security News > 2021 > May > Defeating typosquatters: Staying ahead of phishing and digital fraud

These domains are like the real thing and are often visited by users who have mistyped the genuine domain URL. Unfortunately, criminals are good at finding new ways to trick unsuspecting visitors to your website.

Many domain registration companies now offer value-added services that can help protect against criminals seeking to exploit established domains.

Effective features include automatic renewal and additional protection guarantees against unauthorized transfer, which is especially useful after the attack which saw criminals take control of targeted cryptocurrency domains including liquid.com and Nice Hash transferred to criminals using social engineering techniques.

These include DN Pedia, which lets you know if any domains have recently been registered that include your brand name, and dnstwister, a useful tool which shows registered domains similar to your brand using the rules based on typosquatting methods.

To remove 12 domains that mimic its Facebook, Instagram and WhatsApp brands, the plaintiff had to file suit in the State of Georgia where Verisign, the business controlling the top-level domain registry for the sites is based, because the hosting company would not identify the owners and so the location of the defendants could not be determined.

In an ideal world, domain registration and hosting businesses would be more proactive in their approach to prevent typosquatting.

News URL

http://feedproxy.google.com/~r/HelpNetSecurity/~3/4g6klLhLRQI/