Fraudulent domains are remaining active for longer

Domain fraud is a growing risk for business and consumers alike

When you purchase through links on our site, we may earn an affiliate commission.Here’s how it works.

Domain fraud is a growing risk for businesses and consumers as cybercriminals register millions of domains to impersonate brands and major global events each year.

As registering a domain requires little more than an internet connection, domain fraud is fairly simple to execute and researchers have even discovered fraudulent domain services available for purchase on thedark web. These services make it simple for cybercriminals with no web design skills to quickly replicate a brand’s website on their domains, buy security certificates and even fake company documentation.

In its2019 Domain Fraud Report,Proofpointsheds light on the latest trends shaping the domain landscape and the tactics used by cybercriminals to trick users into visiting their fraudulent domains.

One of these tactics is hiding in plain sight as fraudulent domains often use many of the same top-level domains (TLDs), registrars and web servers used by legitimate domains. For example, 52 percent of all new domain registrations last year used the .com TLD while nearly 40 percent of new fraudulent domain registrations also used .com.

Threat to businesses

Proofpoint’s research also showed that domain fraud is a widespread threat to businesses. Proofpoint Digital Risk Protection customers from a wide variety of industries all faced threats from fraudulent domains with 76 percent finding “lookalike” domains posing as their brand, 96 percent found exact matches of their domains with a different TLD and 85 percent of retail brands found domains selling counterfeit goods.

The company’s researchers also observed email activity for fraudulent domains to discover that 94 percent of it customers found that at least one of their fraudulent domain detections was sending email. However, for the most part Proofpoint observed low volumes of email from these accounts which points to highly targeted and socially engineered attacks such as business email compromise (BEC).

Finally the company’s researchers observed how market factors such as pricing and availability appear to influence the behavior of domain fraudsters. Proofpoint highlighted how the launch of the.devTLD in February was immediately followed by 30 percent of its customers finding potentially fraudulent domains using the new TLD with their brand name just two weeks after its launch.

Are you a pro? Subscribe to our newsletter

Sign up to the TechRadar Pro newsletter to get all the top news, opinion, features and guidance your business needs to succeed!

Domain fraud can be just as damaging as a cyberattack and businesses and individuals need to carefully check the sites they visit to ensure they’re not falling victim to any potential scams.

After working with the TechRadar Pro team for the last several years, Anthony is now the security and networking editor at Tom’s Guide where he covers everything from data breaches and ransomware gangs to the best way to cover your whole home or business with Wi-Fi. When not writing, you can find him tinkering with PCs and game consoles, managing cables and upgrading his smart home.

This new phishing strategy utilizes GitHub comments to distribute malware

Should your VPN always be on?

After Arcane season 1 ended on a stunning cliff hanger, its creators say it was ‘always the plan’ for those characters to die in the season 2 premiere