Stories
Slash Boxes
Comments

SoylentNews is people

Holiday Shoppers Beware: Look-Alike Domains Are Targeting Your Wallet

posted by Fnord666 on Sunday November 17 2019, @06:41AM   Printer-friendly
from the protect-your-business dept.

upstart writes:

Submitted via IRC for Bytram

Holiday Shoppers Beware: Look-Alike Domains Are Targeting Your Wallet

The holiday shopping season is approaching, and many consumers will find their gifts online. After all, cyber Monday has practically turned into its own major holiday. Unfortunately, as online shopping continues to grow, so does the targeting of consumers through malicious look-alike domains.

Cyber attackers create fraudulent domains by substituting a few characters in the URLs. Because they point to malicious online shopping websites that closely mimic legitimate, well-known retail websites, it makes it increasingly difficult for customers to detect the fake domains. Additionally, given that many of these malicious pages use a trusted TLS certificate, they appear to be safe to online shoppers who unknowingly provide sensitive account information and payment data.

[Note - This article is directed at retailers and ecommerce sites rather than consumers. - Fnord666]

Some interesting details:

  • Growth in the number of look-alike domains has more than doubled since 2018, outpacing legitimate domains by nearly four times.
  • The total number of certificates used for look-alike domains is more than 400% greater than the number of authentic retail domains.
  • Over half (60%) of the look-alike domains studied use free certificates from Let's Encrypt.

Original Submission

 
This discussion has been archived. No new comments can be posted.
Holiday Shoppers Beware: Look-Alike Domains Are Targeting Your Wallet | Log In/Create an Account | Top | 9 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 5, Insightful) by Booga1 on Sunday November 17 2019, @07:22AM

    by Booga1 (6333) on Sunday November 17 2019, @07:22AM (#921204)

    The real problem is that people were taught to trust the icons.. I.E: they see a lock, or a green lock and think "I'm safe. This is the website I wanted."
    Google/Chrome has pushed this, even going so far as to declare unencrypted connections as "unsafe" even when they're perfectly fine. However, you may be right. They may be the first to drop them.
    Of course, ICANN's approval of internationalized domain names was also a horrible idea and now the predictions about malware and lookalikes are coming true.
    Let's Encrypt might still be safe since they are following guidelines and the domains are all legitimate, from a technical standpoint at least. I can't think of a certificate provider that verifies the actual website content. There's no point to that since all you need to do is serve "safe" content when you set things up and switch to malicious content later.

    Starting Score:    1  point
    Moderation   +3  
       Insightful=3, Total=3
    Extra 'Insightful' Modifier   0  
    Karma-Bonus Modifier   +1  
    Total Score:   5