Cybersecurity In-Depth: Digging into data about the latest attacks, threats, and trends using charts and tables.

Domain Fraud on the Upswing

New TLDs has given rise to the increased number of fraudsters spinning up fake domains.

Kacy Zurkus, Contributing Writer

July 1, 2019

1 Min Read
Source: "2019 Domain Fraud Report," Proofpoint

Cybercriminals have been leveraging the privacy features extended to consumers in regulations such as GDPR, because they allow them to remain anonymous and register for fraudulent domains, according to new research from Proofpoint.

In the recently published report, "2019 Domain Fraud Report," Proofpoint researchers found one in every four fraudulent domains that were registered have security certificates and 90% are active on a live server. Additionally, over 15% of fake domains have mail exchanger records.

An alarming 85% of top retail brands have identified fraudulent domains selling counterfeit versions of their products, which poses an obvious threat to businesses, the report points out. To create these "look-alike" domains, fraudsters are prone to using Chengdu West Dimension Digital, NameSilo, Public Domain Registry, GoDaddy as their registrars of choice. 

These fraudulent domains are able to go largely undetected because they use the same top-level domains (TLDs), registrars, and Web servers as legitimate businesses. Researchers found the advent of new TLDs in 2018, such as .app and .icu, has given rise to the increased number of fraudsters spinning up fake domains.

According to the report, TLDs "provided new opportunities for the registration of fraudulent domains. Our research suggests that attackers rushed to register domain names with the new TLDs. These fraudulent domains resembled '.com' domains already owned by top brands."

About the Author

Kacy Zurkus

Contributing Writer

Kacy Zurkus is a cybersecurity and InfoSec freelance writer as well as a content producer for Reed Exhibition's security portfolio. Zurkus is a regular contributor to Security Boulevard and IBM's Security Intelligence. She has also contributed to several publications, including CSO Online, The Parallax, InfoSec Magazine, and K12 Tech Decisions. She covers a variety of security and risk topics and has also spoken on a range of cybersecurity topics at conferences and universities, including Secure World and NICE K12 Cybersecurity in Education. 

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like


More Insights