TMCnet News
Venafi Research: Large Number of Look-Alike Domains Pose Phishing Risks to Online ShoppersVenafi®, the leading provider of machine identity protection, today released research on the explosion of look-alike domains, which are routinely used to steal sensitive data from online shoppers. Venafi's research analyzed suspicious domains targeting the top 20 retailers in five key markets: the U.S., U.K., France, Germany and Australia. As the rate of online shopping increases, customers are being targeted through look-alike domains. Cyber attackers create these fake domains by substituting a few characters in the URLs. Because they point to malicious online shopping sites that mimic legitimate, well-known retail websites, it makes it increasingly difficult for customers to detect the fake domains. Additionally, given that many of these malicious pages use a trusted TLS certificate, they appear to be safe for online shoppers who unknowingly provide sensitive account information and payment data. "Domain spoofing has always been a cornerstone technique of web attacks that focus on social engineering, and the movement to encrypt all web traffic does not shield legitimate retailers against this very common technique," said Jing Xie, senior threat intelligence analyst for Venafi. "Because malicious domains now must have a legitimate TLS certificate in order to function, many companies feel that certificate issuers should own the responsibility of vetting the security of these certificates. In spite of significant advances in the best practices followed by certificate issuers, this is a really bad idea." "No organization should rely exclusively on certificate authorities to detect suspicious certificate requests," continued Xie. "For example, cyber attackers recently set up a look-alike domain for NewEgg, a website with over 50 million visitors a month. The look-alike domain used a trusted TLS certificate issued by the CA (News - Alert) who followed all the best practices and baseline requirements. This phishing website was used to steal account and credit card data for over a month before it was shut down by security researchers." According to Venafi's research, there has been an explosion in the number of potentially fraudulent domains. There are more than double the number of look-alike domains compared to legitimate domains, and every online retailer studied is being targeted. Key findings from the research include:
"Ultimately, we should expect even more malicious look-alike websites designed for social engineering to pop up in the future," concluded Xie. "In order to protect themselves, enterprises need effective means to discover domains that have a high probability of being malicious through monitoring and analyzing certificate transparency logs. This way they can leverage many recent industry advances to spot high-risk certificate registrations, crippling malicious sites before they cause damage by taking away their certificates." For more information, please visit: https://www.venafi.com/resource/Venafi-Research-Brief-The-Risk-Lookalike-Domains-Pose-to-Online-Retailers Additional Resource: Blog: Venafi Retail Research: Will Holiday Shoppers be Duped By Look-alike Domains? About Venafi Venafi is the cyber security market leader in machine identity protection, securing connections and communications between machines. Venafi protects machine identity types by orchestrating cryptographic keys and digital certificates for SSL/TLS, IoT, mobile and SSH. Venafi provides global visibility of machine identities and the risks associated with them for the extended enterprise-on premises, mobile, virtual, cloud and IoT-at machine speed and scale. Venafi puts this intelligence into action with automated remediation that reduces the security and availability risks connected with weak or compromised machine identities while safeguarding the flow of information to trusted machines and preventing communication with machines that are not trusted. With over 30 patents, Venafi delivers innovative solutions for the world's most demanding, security-conscious Global 5000 organizations, including the top five U.S. health insurers; the top five U.S. airlines; four of the top five U.S., U.K., Australian and South African banks; and four of the top five U.S. retailers. For more information, visit: http://venafi.com. View source version on businesswire.com: https://www.businesswire.com/news/home/20180927005097/en/ |