Business continues to boom for hackers and cyber criminals during the pandemic – and their latest scheme is sneakier than ever.
It’s a trend called cybersquatting, and far from being the latest fitness craze, it hijacks the reputation of well-known brands to trap its victims into handing over sensitive information.
The hacker might register a domain name that is one keystroke away from a well-known website’s (an easy typo) or similar to it in wording, in order to convince an internet user that they’re on the genuine site.
While cybersquatting is not always malicious, the created domains are often used or repurposed for attacks, a report from Palo Alto Networks cyber security research team Unit 42 says.
“We found that domain squatters prefer profitable targets, such as mainstream search engines and social media, financial, shopping and banking websites,” a report released this week states.
“When visiting these sites, users are often prepared to share sensitive information, which opens them up to phishing and scams to steal sensitive credentials or money if they can be deceived into visiting a squatting domain instead.”
Unit 42’s research found the most commonly used bait brands were PayPal, Apple, Netflix and LinkedIn.
So how does the average internet user find themselves on one of these sites?
Unfortunately, it can be quite easy. A simple slip of the fingers can turn a legitimate website into one that’s been carefully curated to look like the real thing.
“Typosquatters intentionally register misspelled variants (such as whatsalpp[.]com) of target domain names (whatsapp[.]com) to profit from users’ typing mistakes or to deceive users into believing that they are visiting the correct target domain,” Unit 42 explained.
They can also find their way in through phishing – shooting out a targeted email or social media post, which will link back to a legitimate-looking site that could prompt you to enter information like your full name, email address or even credit card details.
When using these sorts of websites, Unit 42 advised, the best thing to do to protect yourself is check and double-check the domain name – is it exactly as you know it should appear?
Don’t enter any personal details until you’re 100 per cent sure.
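The “check and double-check the domain name” advice above can be turned into an automated check. The following script is an added example written for this page; it is not code from the article or from Unit 42. It flags links whose registrable domain is within a small edit distance of a trusted brand domain (so whatsalpp[.]com, the typo the report cites, is caught), after swapping common look-alike characters such as 1 for l, and also flags domains that embed a brand name as a separate token (netflix-billing.com). The trusted-domain list, the homoglyph table and the sample links are constructed for illustration, and the domain extraction keeps only the last two labels, which is a simplification that does not handle multi-part suffixes such as .com.au.

```python
"""Lookalike-domain check for a short list of trusted brand domains.

Added example, not from the article or from Unit 42's report. Every list and
sample value below is constructed for illustration.
"""
import re
from urllib.parse import urlparse

# Domains a user or help desk would recognise as genuine (constructed list).
TRUSTED_DOMAINS = {
    "whatsapp.com", "paypal.com", "apple.com", "netflix.com", "linkedin.com",
}

# Character swaps commonly used in typosquats; mapped back to the plain form
# before comparing (constructed, deliberately short table).
HOMOGLYPHS = {"0": "o", "1": "l", "rn": "m", "vv": "w"}


def refang(text: str) -> str:
    """Turn defanged notation such as whatsalpp[.]com back into a hostname."""
    return text.replace("[.]", ".").replace("hxxp", "http")


def registrable_domain(url_or_host: str) -> str:
    """Reduce a URL or hostname to its last two labels.

    Simplification: multi-label public suffixes like .com.au are not handled;
    a production check should consult the public suffix list.
    """
    text = refang(url_or_host.strip().lower())
    if "://" not in text:
        text = "http://" + text
    host = urlparse(text).hostname or ""
    labels = host.split(".")
    return ".".join(labels[-2:]) if len(labels) >= 2 else host


def levenshtein(a: str, b: str) -> int:
    """Edit distance counting insertions, deletions and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1,                 # deletion
                           cur[j - 1] + 1,              # insertion
                           prev[j - 1] + (ca != cb)))   # substitution
        prev = cur
    return prev[-1]


def normalise_homoglyphs(text: str) -> str:
    """Replace look-alike characters with the letters they imitate."""
    for glyph, plain in HOMOGLYPHS.items():
        text = text.replace(glyph, plain)
    return text


def check_domain(url_or_host: str, trusted=TRUSTED_DOMAINS, max_distance: int = 2):
    """Return (verdict, domain, imitated_brand).

    verdict is 'trusted' (exact match), 'lookalike' (near a trusted domain)
    or 'unknown' (no resemblance to anything on the list).
    """
    domain = registrable_domain(url_or_host)
    if domain in trusted:
        return ("trusted", domain, None)

    label = domain.rpartition(".")[0]  # second-level label, e.g. "netflix-billing"
    # 1. Brand name embedded as a whole hyphen-delimited token.
    for brand in sorted(trusted):
        brand_label = brand.rpartition(".")[0]
        if re.search(rf"(^|-){re.escape(brand_label)}(-|$)", label):
            return ("lookalike", domain, brand)

    # 2. Small edit distance after undoing common character substitutions.
    candidate = normalise_homoglyphs(domain)
    best = min(sorted(trusted), key=lambda b: levenshtein(candidate, normalise_homoglyphs(b)))
    if levenshtein(candidate, normalise_homoglyphs(best)) <= max_distance:
        return ("lookalike", domain, best)
    return ("unknown", domain, None)


if __name__ == "__main__":
    # Constructed sample links, including the defanged example from the report.
    for link in ["https://www.paypal.com/signin", "whatsalpp[.]com",
                 "http://paypa1.com", "netflix-billing.com", "example.org"]:
        print(link, "->", check_domain(link))
```

Run on a link before clicking it, or over the hostnames in a mail gateway's URL log; a 'lookalike' verdict is a prompt to stop and compare the address with the one you know, not proof of fraud, since short brand names will occasionally sit within two edits of an unrelated legitimate domain.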
Keeping safe and secure
Australians are increasingly plugged into their devices this year, as the global pandemic keeps us indoors and in many cases, working from home on less secure networks than we’re used to.
Scamwatch reported that, as of last week, it had received more than 3900 reports of scams using COVID-19 ploys to rob Australians of more than $3.1 million.
Criminals are pretending to be the government, health authorities, supermarkets – anyone and anything to try and take advantage of the situation.
Individuals and businesses are at risk.
Scamwatch recommends the following actions to keep yourself safe online:
- Don’t click on hyperlinks in text/social media messages or emails, even if they appear to come from a trusted source
- Never respond to unsolicited messages and calls that ask for personal or financial details – just press delete or hang up
- Never provide a stranger remote access to your computer, even if they claim to be from a telco company such as Telstra or the NBN Co
- To verify the legitimacy of a contact, find them through an independent source such as a phone book, past bill or online search.
And if you do suspect you’ve been the victim of a scam, or that you’ve spotted one, report it to Scamwatch here.