The Abuse of Domain Impersonation: Tips to avoid domain spoofing

22 April 2021

Scams usually involve impersonation attacks. The attacker pretends to be someone who is from a legitimate company and manipulates the victim until he gets the thing that he wants. Impersonation dominates attacks. This could damage someone’s reputation and lead to possible danger in many ways.

The danger of impersonation can also be done online. This is known as domain impersonation.

What is domain impersonation?

First, let us talk about domains.

Domain is a network of computers and devices that are controlled by one set authority and that have specific guidelines. The domain is labeled by its domain name such as Google.com.

For example, the domain name Google.com consists of the website’s name (Google) and the domain name extension (.com). When a company (or a person) purchases a domain name, they’re able to specify which IP address (server) the domain name points to.

Domain impersonation is a type of cyber attacks used by hackers to impersonate the domain name of legitimate businesses. It is mostly used in phishing attacks. Hackers replace or add a hard-to-notice letter, number, or symbol to the legitimate domain name.

These are the domain lookalikes and the tricky characters are nearly impossible to see. For example:

cloudflare.com could be spoofed as cloudfiare.com;

amazon.com could be spoofed as amazonn.com;

and google.com could be spoofed as go0gle.com.

Did you see the difference between the domain names in one second?

(Also see: Phishing Emails: 5 Signs To Look Out For)

How does it work and what is its impact on businesses?

Cyber attackers invest time and money in making impersonated domains. They have to buy and register the domain that they will use to trick their victims.

Once the attacker successfully bought and registered it, they will create and send a phishing email using the impersonated domain name but appears legitimate. When the attacker convinces the victim using the impersonated domain, the attacker can trick the user into downloading malware or entering credentials into a fake website.

This is a serious problem for businesses and their customers. The attacker can create convincing messages using the information from the compromised account for monetary gain.

For example, the attacker might impersonate a legitimate business and send a request to their employee or clients to send their bank account information to their accounts.

Imagine the possibility of having stolen information, damaged reputation, and loss of finance in businesses.

Tips to avoid becoming a victim

Think before you click

Hover your mouse over any suspicious domain and find out if they’re legitimate.

Take a close look at the domain

Does it have extra characters that don’t belong? Are there typos? Always double-check if it is the legitimate domain name.

Do not click the link or download files attached in the suspicious email

You may open a new tab and type/copy and paste the domain written on the email if you want to check whether it is legitimate or not.

Conduct cyber security training for your employees

Cyber threats are continually changing. Equip your employees with knowledge to combat these threats. Increase cyber security awareness effectively.

Stay updated with the latest scams online

Follow or subscribe to companies like NZCS that provide blogs and cybersecurity newsletters to let you stay updated with the latest scams online.

How can NZCS help?

New Zealand Computing Solutions take a stratified approach to cyber security and provide proactive cyber defence services to prevent unauthorized Internet traffic.

NZCS qualified experts can train your staff on managing cyber security and protecting company infrastructure.

Request a free consultation to discover how to unlock the value of security-related services for your business.