
posted by Fnord666 on Sunday November 17 2019, @06:41AM   Printer-friendly
from the protect-your-business dept.

Submitted via IRC for Bytram

Holiday Shoppers Beware: Look-Alike Domains Are Targeting Your Wallet

The holiday shopping season is approaching, and many consumers will find their gifts online. After all, Cyber Monday has practically turned into its own major holiday. Unfortunately, as online shopping continues to grow, so does the targeting of consumers through malicious look-alike domains.

Cyber attackers create fraudulent domains by substituting a few characters in the URLs. Because they point to malicious online shopping websites that closely mimic legitimate, well-known retail websites, it makes it increasingly difficult for customers to detect the fake domains. Additionally, given that many of these malicious pages use a trusted TLS certificate, they appear to be safe to online shoppers who unknowingly provide sensitive account information and payment data.

[Note - This article is directed at retailers and ecommerce sites rather than consumers. - Fnord666]

Some interesting details:

  • Growth in the number of look-alike domains has more than doubled since 2018, outpacing legitimate domains by nearly four times.
  • The total number of certificates used for look-alike domains is more than 400% greater than the number of authentic retail domains.
  • Over half (60%) of the look-alike domains studied use free certificates from Let's Encrypt.

Original Submission
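
For the retailers the article addresses, the character-substitution trick described above can be screened for mechanically. The following is an added example, not code from the article or the submission: it folds confusable characters and measures edit distance against a protected domain, and every domain name, the confusable map and the threshold are constructed assumptions.

```python
from typing import Optional

# Constructed confusable map; extend it for the character set of your own brand.
CONFUSABLES = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w"}

def skeleton(label: str) -> str:
    """Fold visually confusable characters to one canonical spelling."""
    for fake, real in CONFUSABLES.items():
        label = label.replace(fake, real)
    return label

def edit_distance(a: str, b: str) -> int:
    """Optimal string alignment: insert, delete, substitute, adjacent swap."""
    d = [[max(i, j) if 0 in (i, j) else 0 for j in range(len(b) + 1)]
         for i in range(len(a) + 1)]
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = int(a[i - 1] != b[j - 1])
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]

def classify(candidate: str, protected: str, max_dist: int = 2) -> Optional[str]:
    """Return why candidate imitates protected, or None if it does not."""
    cand, prot = candidate.lower().rstrip("."), protected.lower().rstrip(".")
    if "." not in cand or cand == prot or cand.endswith("." + prot):
        return None  # malformed, the real domain, or one of its subdomains
    # Assumption: single-label TLDs; production code needs the Public Suffix List.
    c_name, p_name = cand.split(".")[-2], prot.split(".")[-2]
    if c_name == p_name:
        return "same name, different TLD"
    c_skel, p_skel = skeleton(c_name), skeleton(p_name)
    if c_skel == p_skel:
        return "confusable characters"
    dist = edit_distance(c_skel, p_skel)
    return f"edit distance {dist}" if dist <= max_dist else None

# Constructed sample data: a protected retail domain and newly observed names.
PROTECTED = "examplemart.com"
OBSERVED = ["shop.examplemart.com", "examp1emart.com", "exarnplemart.com",
            "exmaplemart.com", "example-mart.com", "examplemart.shop",
            "gardeningtools.org"]

def scan(observed=OBSERVED, protected=PROTECTED) -> dict:
    """Map each suspicious name to the reason it was flagged."""
    hits = {name: classify(name, protected) for name in observed}
    return {name: why for name, why in hits.items() if why}

if __name__ == "__main__":
    for name, why in scan().items():
        print(f"{name}: {why}")
```

A distance threshold of 2 suits a name of this length; shorter brand names need a tighter threshold to keep false positives down.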

 
  • (Score: 3, Interesting) by FatPhil (863) on Sunday November 17 2019, @11:06PM (#921328)

    The problem is trusting any CA. A CA took money off someone, that's all that a certificate proves. I have more trust for self-signed certificates than for ones from 99% of the CAs in the Firefox default trust list.
    --
    Great minds discuss ideas; average minds discuss events; small minds discuss people; the smallest discuss themselves
  • (Score: 1, Interesting) by Anonymous Coward on Sunday November 17 2019, @11:43PM (#921336)

    Now that is real paranoid. I totally trust CNNIC to issue certificates for any domain, including *.gov or the Tibetan diaspora. We all know that every CA uses extreme vetting for all the certificates they issue /s

    In all seriousness, the first question I ask people when they don't believe self-signed TOFU with HTTPS is secure is whether they share the same belief with SSH and its security, and most don't get the reference.