Intelligent CISO Issue 71 | Page 23

homographs particularly effective is that the difference between individual characters is not always clearly distinguishable, depending on the fonts and typesets used.

• Typosquats include sneaky typing errors by registering domains that closely resemble popular websites (e.g., substituting “amazonn[.]com” for “amazon[.]com”) to take users to a fraudulent website. Often, typosquats will be used for popular domains that are already registered for financial gain and to draw in advertising money, but malicious actors also ‘squat’ in these domains with websites that are visually close to what users are expecting to see.
• Combosquats combine well-known brand or company names with other keywords such as ‘mail’, ‘security’ or ‘support’. For instance, the domain wordpresssecurityt[.]store might be searchable on Google for WordPress users seeking help, but actually has a Russia-based IP address. According to Infoblox’s report, around 60% of these abusive combosquatting domains stay active for more than 1,000 days, and only 20% are reported and blocked after 100 days. Combosquatting is around 100 times more prevalent than typosquatting.
• Soundsquats are the most recent form of lookalike threats, using domain names that sound similar to legitimate ones when spoken aloud (e.g., “hsbsee[.]com” instead of “hsbc[.]com”). This can trick users who hear a domain instead of reading it, and has been researched for its potential impact on smart devices such as Google Home, Siri and Alexa.
While these four emphasise different types of attacks, threat actors rarely stick to one of these lanes.
They often attempt to use a combination of these techniques to defraud users and target businesses. Lookalike domains are designed to trick consumers, and while some may be good at spotting them, it only takes one or two people to engage with these domains to activate the effects of the attack.
While knowing how to spot lookalike domains is key, it won’t completely protect you from falling victim to one. One of the best ways to stay protected from lookalike domain attacks is having a strong DNS security strategy already in place, as it can help to detect and block lookalike domain attacks sooner. At Infoblox, we’re proud to be the first DNS security solution to offer a Lookalike Domain Monitoring capability that works to identify sites attempting to impersonate company brands that are increasingly used to deceive consumers with phishing, malvertising and similar attacks.
Detecting and not falling prey to these kinds of attacks are crucial, but the ability to take down lookalike domains is equally important. Lookalike domain attacks are increasing in sophistication and prevalence, making specialised solutions like DNS security a must-have for all.
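As an added illustration (not code from the article or from Infoblox), the sketch below shows how a defender could triage domains seen in DNS logs against a brand watch list, labelling each hit with one of the lookalike types described above. The watch list, the small confusable and spoken-letter tables, and all function names are assumptions made for this example.

```python
import unicodedata

BRANDS = ["amazon", "wordpress", "hsbc"]  # assumed watch list of protected labels
# Constructed, partial tables: Cyrillic/Greek look-alikes and spoken letter names.
CONFUSABLES = str.maketrans("\u0430\u0435\u043e\u0440\u0441\u0456\u03bf", "aeopcio")
LETTER_NAMES = {"b": "bee", "c": "see", "g": "gee", "k": "kay", "t": "tee"}

def registrable_label(domain):
    """Refang, then return the label left of the TLD (no public-suffix handling)."""
    host = domain.replace(" ", "").replace("[.]", ".").lower().strip(".")
    label = host.split(".")[-2] if "." in host else host
    if label.startswith("xn--"):  # punycode, as homographs appear in DNS logs
        label = label.encode("ascii").decode("idna")
    return unicodedata.normalize("NFKC", label)

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                cost = min(cost, prev2[j - 2] + 1)
            cur.append(cost)
        prev2, prev = prev, cur
    return prev[-1]

def spoken_variants(brand):
    """Brand with one letter replaced by its spoken name (crude heuristic)."""
    return {brand[:i] + LETTER_NAMES[c] + brand[i + 1:]
            for i, c in enumerate(brand) if c in LETTER_NAMES}

def classify(domain, brands=BRANDS):
    """Map each impersonated brand to the lookalike technique that matched."""
    label = registrable_label(domain)
    folded = label.translate(CONFUSABLES)
    hits = {}
    for brand in (b for b in brands if b != label):
        if folded == brand:
            hits[brand] = "homograph"
        elif osa_distance(folded, brand) == 1:
            hits[brand] = "typosquat"
        elif brand in folded:
            hits[brand] = "combosquat"
        elif folded in spoken_variants(brand):
            hits[brand] = "soundsquat"
    return hits
```

Short brand labels such as “hsbc” will produce false positives at edit distance 1, so hits from a check like this are candidates for review, not verdicts.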