Look-alike shopping domains are the latest type of cyber-attack to target online shoppers. More than 6,400 TLS certificates have been issued for look-alike domains, 168% more than the number issued to legitimate UK retail domains.
These cyber threats are an attempt to retrieve shoppers’ usernames, passwords and even credit card details. Research has shown that suspicious domains target even the biggest retailers in the country.
How can you spot the fake sites?
Cyber attackers tend to create look-alike sites with domains that substitute, swap or add a few characters in the hostname (a zero for an "o", "rn" for "m", a different top-level domain, or the real brand name placed as a subdomain of an unrelated domain). So, look carefully at the address bar and check that the registered domain, not just part of the address, matches that of the official site.
These fake sites closely mimic legitimate, well-known retail websites so it is becoming increasingly difficult to spot the fake domains.
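The check described above (compare the registrable domain against a list of brands you trust, after folding confusable characters) can be automated. The following is an added example written for this article; it is not code from the article, from Venafi or from any retailer. The brand list, the candidate hostnames and the tiny stand-in for the Public Suffix List are all constructed for illustration; a real deployment would load the brand list from a file and use the full Public Suffix List.

```python
"""Flag hostnames that imitate a list of legitimate retail domains.

Added example for this article (not the article's, Venafi's or any
retailer's code). Brand list, suffix list and sample hosts are
constructed for illustration.
"""
from __future__ import annotations

# Constructed brand list (assumption: the defender maintains this list).
LEGITIMATE = ["acme-shop.co.uk", "brightmart.com"]

# Tiny stand-in for the Public Suffix List (assumption); real code should
# use the full list, e.g. via the `publicsuffix2` package.
TWO_PART_SUFFIXES = {"co.uk", "org.uk", "ac.uk", "com.au", "co.nz"}

# Substitutions that read as another character in a typical address bar.
# Multi-character keys are applied first so "rn" folds to "m" as a unit.
HOMOGLYPHS = {
    "rn": "m", "vv": "w",
    "0": "o", "1": "l", "3": "e", "5": "s", "7": "t",
    "\u0430": "a",  # Cyrillic small a
    "\u0435": "e",  # Cyrillic small ie
    "\u043e": "o",  # Cyrillic small o
    "\u0440": "p",  # Cyrillic small er
    "\u0441": "c",  # Cyrillic small es
}


def to_unicode(host: str) -> str:
    """Decode punycode (xn--) labels so Cyrillic look-alikes become visible."""
    try:
        return host.encode("ascii").decode("idna")
    except UnicodeError:
        return host  # already Unicode, or malformed punycode: compare as-is


def fold(label: str) -> str:
    """Map confusable characters to the Latin letter they imitate."""
    for src, dst in sorted(HOMOGLYPHS.items(), key=lambda kv: -len(kv[0])):
        label = label.replace(src, dst)
    return label


def registrable(host: str) -> str:
    """Approximate the registrable domain (brand label + public suffix)."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in TWO_PART_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def levenshtein(a: str, b: str) -> int:
    """Edit distance, used to catch single-typo squats."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(host: str, legit=LEGITIMATE, max_distance: int = 2):
    """Return (verdict, legitimate domain being imitated or None)."""
    host = to_unicode(host.lower().rstrip("."))
    reg = registrable(host)
    for good in legit:
        if reg == registrable(good):
            return ("legitimate", good)
    for good in legit:
        good_reg = registrable(good)
        # The real domain used as a subdomain of an unrelated registrable domain.
        if f".{good_reg}." in f".{host}.":
            return ("brand-as-subdomain", good)
        name, good_name = reg.split(".")[0], good_reg.split(".")[0]
        if fold(name) == fold(good_name):
            # Same brand label once confusables are folded: either only the
            # suffix differs, or a character was swapped for a look-alike.
            return ("tld-swap" if name == good_name else "homoglyph", good)
        if levenshtein(fold(name), fold(good_name)) <= max_distance:
            return ("typosquat", good)
        if good_name in name:
            return ("brand-embedded", good)
    return ("unrelated", None)


if __name__ == "__main__":
    # Constructed sample hosts, including one with a Cyrillic "е" in punycode.
    samples = [
        "www.acme-shop.co.uk", "acme-sh0p.co.uk", "acrne-shop.co.uk",
        "acm\u0435-shop.co.uk".encode("idna").decode("ascii"),
        "acme-shop.co.uk.secure-checkout.net", "acme-shop.com",
        "brightmrat.com", "notacme-shop.co.uk", "example.org",
    ]
    for h in samples:
        print(f"{h:40} {classify(h)}")
```

The same comparison is what a defender runs over newly issued certificates: Let's Encrypt, like the other public CAs, logs every certificate it issues to Certificate Transparency, so watching CT logs for hostnames that `classify` flags is how look-alike domains are usually found before shoppers report them.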
Watch out for the trusted SSL/TLS certificate
Unfortunately, the security firm Venafi has revealed that as many as 81% of the look-alike domains studied in the UK use free certificates from Let's Encrypt, a free, open and automated certificate authority. These are domain-validated certificates: they prove only that whoever requested the certificate controls the domain, not who that party is, so the browser padlock shows that the connection is encrypted, not that the site is genuine. To shoppers, though, the padlock makes the domains appear verified and safe.
“Domain spoofing has always been a cornerstone technique of web attacks that focus on social engineering, and the movement to encrypt all web traffic does not shield legitimate retailers against this very common technique,” said Jing Xie, Senior Threat Intelligence Analyst for Venafi.
“Because malicious domains now must have a legitimate TLS certificate to function, many companies feel that certificate issuers should own the responsibility of vetting the security of these certificates. In spite of significant advances in the best practices followed by certificate issuers, this is a really bad idea,” she said.
This time of year is the most popular with attackers
As Christmas approaches and the number of shoppers increases, the number of look-alike domains is very likely to increase too. Fake websites often go undetected for weeks before security researchers become aware of them and have them taken down, so it is important to stay extra wary of the shopping sites you visit.
If you spot a suspicious domain, report it to the Anti-Phishing Working Group (APWG), an international voluntary organisation that focuses on limiting cyber-crime perpetrated through phishing.