Holiday Shoppers Beware: Look-Alike Domains Are Targeting Your Wallet
upstart writes:
Submitted via IRC for Bytram
Holiday Shoppers Beware: Look-Alike Domains Are Targeting Your Wallet
The holiday shopping season is approaching, and many consumers will find their gifts online. After all, cyber Monday has practically turned into its own major holiday. Unfortunately, as online shopping continues to grow, so does the targeting of consumers through malicious look-alike domains.
Cyber attackers create fraudulent domains by substituting a few characters in the URLs. Because they point to malicious online shopping websites that closely mimic legitimate, well-known retail websites, it makes it increasingly difficult for customers to detect the fake domains. Additionally, given that many of these malicious pages use a trusted TLS certificate, they appear to be safe to online shoppers who unknowingly provide sensitive account information and payment data.
[Note - This article is directed at retailers and ecommerce sites rather than consumers. - Fnord666]
Some interesting details:
- Growth in the number of look-alike domains has more than doubled since 2018, outpacing legitimate domains by nearly four times.
- The total number of certificates used for look-alike domains is more than 400% greater than the number of authentic retail domains.
- Over half (60%) of the look-alike domains studied use free certificates from Let's Encrypt.
Read more of this story at SoylentNews.