IT Security

Share to Facebook Share to Twitter Share to LinkedIn

Security analyst company DomainTools recently released results for domains mimicking legitimate UK banks where they found 324 scenarios of Cybersquatting. Cybersquatting is where an individual or company register a domain with the intent to monetise from the brand, or trademark, which someone else owns.

How was it done?

In this case “hackers” will purchase a domain similar to a legitimate bank website through domain suppliers such as 123-reg or GoDaddy. Examples of the domains you can purchase are natwesti[.]com or hbsc[.]com. While it is unlikely that this will be searched for directly, when combined with phishing and scam emails this could still prove to be very dangerous.

The idea is that if a user is tricked into going to the suspicious site then it can either contain malicious software such as a virus, or may appear identical to the real website and act as an intermediate between you and the real website - all the while stealing banking details as you make transactions by intercepting your requests.

Can it be prevented?

Sadly, there is no easy way to stop this, blocking is not possible as they can just create another domain, as the pattern that they follow is to add or swap another character or word to an existing banking site domain, such as Barcllays or Lloydstbs.

The best solution is to ensure everyone is trained to be vigilant to suspicious emails and inform your IT department or administrator of any unusual activity. Never click a link if you are not sure or did not request the email.

Further Reading

The further reading material also includes a list of high-risk fake domains to watch out for and a list of banks that have been imitated.