3 Ways to Defend Against The New Domain Name Exploit
Cybercriminals are using a new scam to trick end users into clicking on misleading links. This strategy involves purchasing Internet domain names that closely resemble popular websites, and replacing letters with Latin characters.
This exploit does not have a name yet, but it’s similar to a method called typosquatting, which involves registering popular domain names that contain misspelled words and banking on users entering them.
Here is an example of what the new exploit looks like:
Normal link: www.Google.com
Exploited link: www.ɢoogle.com
Notice how the link still says Google, but the G is actually an entirely different symbol — the Latin character "ɢ."
This is possible because domain names support the Unicode alphabet, which is necessary for registering websites in languages that do not use Roman letters, such as Chinese.
The problem is that spammers are using the Unicode alphabet to guide users to harmful websites and wreak havoc on networks. Google, for instance, recently filed a complaint against a Russian spammer who reportedly registered ɢoogle.com and was using it to flood websites’ analytics with pro-Trump messages. This hacker also registered the website lifehacKer.com (notice the K).
From a cybersecurity perspective, this new exploit is a major challenge. Part of the problem is that when people read, they don’t typically analyze every letter in a word. This is particularly common in the workplace, where people are more inclined to choose speed over precision reading. While this is important for productivity, it can also be harmful as it can lead to costly errors.
We recommend the following security precautions:
- Inform workers: Workers need to be aware of this threat, and remain extra vigilant when browsing the Internet or using email. They should inspect all links before clicking on them, and avoid emails that appear to contain special characters instead of letters. All suspicious links should be reported to IT for further investigation.
- Monitor the network: Don’t expect to stop every attack. Eventually, someone is going to click on a harmful link and infect his or her machine. In fact, one recent study indicated that 75 percent of organizations have been hit by malicious adware. The best way to handle this is to be proactive, and have a plan in place to detect suspicious activity before it cascades throughout the network. Rapid response troubleshooting is critical for overcoming cyberattacks.
- Stop the problem before it becomes one: It is possible to beat hackers at their own game. This can be accomplished by purchasing domain names that are similar to the business’ name, but contain misspelled words and Roman characters. This option is expensive, but could prove to be useful if this problem continues spreading.
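One way to automate the link inspection and network monitoring recommended above, shown as an added example that is not part of the original article: the Python below flags every hostname label containing non-ASCII characters, names each odd character, shows the xn-- (Punycode) form that DNS and proxy logs record, and checks the label against a watchlist. The watchlist, the small look-alike map and all function names are assumptions made for this illustration.

```python
import unicodedata

# Constructed watchlist of names to protect (assumption for this example).
PROTECTED = {"google", "lifehacker"}

# Small hand-built look-alike map (assumption); Unicode's confusables.txt
# (UTS #39) is the full data set a production check would load.
CONFUSABLES = {
    "\u0262": "g",  # LATIN LETTER SMALL CAPITAL G, the character in the article
    "\u043e": "o",  # CYRILLIC SMALL LETTER O
    "\u0435": "e",  # CYRILLIC SMALL LETTER IE
    "\u0430": "a",  # CYRILLIC SMALL LETTER A
}

def to_unicode(label):
    """Decode an xn-- (Punycode) label as seen in DNS or proxy logs."""
    if label.lower().startswith("xn--"):
        try:
            return label[4:].encode("ascii").decode("punycode")
        except UnicodeError:
            return label  # malformed; leave as logged
    return label

def to_ascii(label):
    """Return the ASCII form a resolver or log would show for the label."""
    if label.isascii():
        return label.lower()
    return "xn--" + label.lower().encode("punycode").decode("ascii")

def skeleton(label):
    """Map known look-alikes to ASCII, strip accents, and fold case."""
    mapped = "".join(CONFUSABLES.get(ch, ch) for ch in label)
    decomposed = unicodedata.normalize("NFKD", mapped)
    return "".join(c for c in decomposed if not unicodedata.combining(c)).casefold()

def inspect_hostname(hostname):
    """List every label with non-ASCII characters and what it imitates."""
    findings = []
    for raw in hostname.rstrip(".").split("."):
        label = to_unicode(raw)
        odd = [c for c in label if not c.isascii()]
        if odd:
            skel = skeleton(label)
            findings.append({
                "label": label,
                "ascii_form": to_ascii(label),
                "chars": [f"U+{ord(c):04X} {unicodedata.name(c, '?')}" for c in odd],
                "imitates": skel if skel in PROTECTED else None,
            })
    return findings
```

A finding whose `imitates` field is set is a candidate look-alike of a protected name; a finding with `imitates` left empty is simply an internationalized domain and may be legitimate.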
The Tip of the Iceberg for Cybercrime
This is just one item on a long list of cyberthreats that you need to be aware of. Some others include:
- Ransomware: A type of malware that hijacks data or a device and demands a ransom in Bitcoin.
- Doxware: Doxxing involves phishing for someone’s personally identifiable information (PII) and threatening to release it online unless a ransom is paid.
- Distributed denial of service (DDoS) attacks: Hackers are now exploiting large armies of connected devices and using them to launch concentrated cyberattacks against domain registries and websites. A DDoS attack can shut down a website for an extended period of time. This is becoming a big problem for industrial IoT equipment.
- Malicious internal actors: More than half of all cyberattacks today stem from malicious insiders.
- Dronejacking: Securityweek.com recently predicted that “dronejacking” will be the next big cyberthreat. Businesses using drones should act now to protect their endpoints, before this new wave of cybercrime accelerates.
- Software and hardware vulnerabilities: Software and hardware can be easily exploited by hackers unless they are up to date with the latest security fixes. Constant maintenance and oversight is necessary to keep critical infrastructure safe.
- Shadow IT: This occurs when IT has limited visibility over employee-owned devices. Shadow IT makes it very difficult to protect the network from external threats.
The list of cybersecurity challenges goes on and on, and it can be difficult to stay informed about new developments. These challenges can also put an enormous strain on IT, especially if they are already tasked with other pressing responsibilities.
It’s for this reason that many businesses choose to consult with MSPs offering expert guidance and support, as well as cutting-edge cybersecurity tools. With the help of an MSP, a business can easily — and cost effectively — obtain the necessary provisions for staying safe online.
To learn more about how Apex Technology Services can help secure your organization, click here.
A new breed of hacktrepreneurs has awakened and they have little to fear and everything to gain by infecting as many companies as possible and extorting money from them. Apex Technology Services stands ready to protect your company regardless of whether it’s located in New York City; White Plains, New York; Connecticut; Australia; Europe; or anywhere else. Our full suite of cybersecurity and IT support services is at your disposal, enabling you to spend less time worrying about and more time growing your business.
To ensure your security, consider one of our most popular services — Auditing & Documentation — which pinpoints vulnerabilities in your infrastructure, process flow and internal security procedures.
Edited by Alicia Young