<meter id="72aef"></meter>
    <listing id="72aef"><object id="72aef"></object></listing>
  1. <output id="72aef"></output>
    <code id="72aef"></code>

    <output id="72aef"></output>

  2. <listing id="72aef"><delect id="72aef"><s id="72aef"></s></delect></listing>
    <small id="72aef"></small>

    <small id="72aef"></small>

    Press Release

    Hackers Cybersquat on Hundreds of UK Bank Domains to Spoof and Exploit Users

    DomainTools identifies over 300 websites tricking web users into thinking they’re clicking on to UK high street bank websites

    London, UK, May 2, 2017 – DomainTools, the leader in domain name and DNS-based cyber threat intelligence, today released research regarding the plethora of cybersquatters and how they target popular UK banks. DomainTools found 324 registered domains using the trademarked names of five of the UK’s top high street banks. Domains masquerading as legitimate UK bank websites are often used by hackers to trick customers into handing over personal details or login information.

    Cybersquatting (also known as domain squatting) is the act of registering a domain name with the purpose of getting monetary benefit from a trademark that belongs to someone else. These domains are often used in phishing email campaigns and various other kinds of scams including pay per click ads (often for competitors’ services), for-profit survey sites and affiliate program abuse, or more nefarious content like ransomware and drive-by download campaigns.

    The DomainTools research team analysed domains mimicking Barclays, HSBC, Natwest, Lloyd’s and Standard Chartered using its PhishEye tool. PhishEye allows users to search for existing and new domains that spoof legitimate brand, product, organization, or other names. In total, there were 324 domains identified as high risk that contained the banks’ brand names. Some examples include:

        natwesti[.]com
        natwestbusinessbanking[.]co.uk
        lloydstbs[.]com
        hsbcgrp[.]com
        bhsbc[.]com
        barclaysbank-plc[.]co.uk
        wealthbarclays[.]co.uk
        standardchartered-bank[.]com
        standardcharteredbanks[.]com
        standardcharterd[.]com
        xtandardchartered[.]com

    Kyle Wilhoit, senior security researcher at DomainTools said, “Imitation has long been thought to be the sincerest form of flattery, but not when it comes to domains. While domain squatters of the past were mostly trying to profit from the domain itself, these days they’re often sophisticated cybercriminals using the spoofed domain names for more malicious endeavors.”

    He explained how there are patterns to be found in these types of domains – “Many will simply add a letter to a brand name, such as Domaintoools.com, while others will add letters or an entire word such as ‘login’ to either side of a brand name. Users should remember to carefully inspect every domain they are clicking on or entering in their browser. Also, ensure you are watching redirects when you are going from site to site.”

    “Brands can and should start monitoring for fraudulent domain name registrations and defensively register their own typo variants. It is better to lock down typo domains than to leave them available to someone else and at an average of £12 per year per domain, this is a relatively cheap insurance policy.” Wilhoit concluded.

    DomainTools offers top tips for consumers to avoid falling foul of a spoof website:

    • Check for extra added letters in the domain, such as Yahooo[.]com
    • Check for dashes in the domain name, such as Domain-tools[.]com
    • Look out for ‘rn’ disguised as an ‘m’, such as modem.com versus modern.com
    • Check for reversed letters, such as Domiantools[.]com
    • A plural or singular form of the domain, such as Domaintool[.]com

    To review the full PhishEye report, and to review tips on how consumers and organizations can protect themselves, visit: http://blog.domaintools.com/2017/05/up-to-your-gills-in-phishing-attacks-this-research-may-help..

    About DomainTools
    DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. Learn more about how to connect the dots on malicious activity at http://www.1081377.com or follow us on Twitter:@domaintools

    新疆时时彩投注平台

      <meter id="72aef"></meter>
      <listing id="72aef"><object id="72aef"></object></listing>
    1. <output id="72aef"></output>
      <code id="72aef"></code>

      <output id="72aef"></output>

    2. <listing id="72aef"><delect id="72aef"><s id="72aef"></s></delect></listing>
      <small id="72aef"></small>

      <small id="72aef"></small>

        <meter id="72aef"></meter>
        <listing id="72aef"><object id="72aef"></object></listing>
      1. <output id="72aef"></output>
        <code id="72aef"></code>

        <output id="72aef"></output>

      2. <listing id="72aef"><delect id="72aef"><s id="72aef"></s></delect></listing>
        <small id="72aef"></small>

        <small id="72aef"></small>

        足彩比分怎么算 快乐赛app哪个好玩 玩幸运28输了100万 江西时时中奖规则 极速赛车趋势分析 江西新时时 广东福彩好彩一开奖 下载重庆时时app下载 球探比分即时足球比分 7m即时篮球比分直播