Venafi, Inc. is a private cybersecurity company that develops software to secure and protect cryptographic keys and digital certificates.
Ahead of the holiday shopping season, security experts from Venafi conducted a study of typosquatted domains used to target 20 major retailers in the United States, the United Kingdom, Australia, Germany, and France.
The researchers discovered 109,045 lookalike domains using valid TLS certificates to make them appear more trustworthy. The number is doubled compared to last year, the study revealed that less than 19,890 certificates have been issued for legitimate retail domains.
Below key findings of the study:
Experts pointed out that every region had its own lookalike domains, in the US crooks targeted 83,934 retailers, one of which is a top U.S. retailers with over 49,500 typosquatted domains. In the US 14,784 certificates have been issued for legitimate retail domains.
Experts reported nearly 84,000 target retailers in the U.S., including almost 50,000 domains that imitate one of the country’s top retailers. In the U.K., Venafi identifier nearly 14,000 certificates issued for fake retailer domains.
The situation is also worrisome in the UK where Venafi has found the largest ratio of lookalike domains targeting retailers, that are over six times more look-alike domains than valid domains. The researchers found nearly 14,000 target retailers in the U.K., identifier nearly 1,900 certificates issued for fake retailer domains.
In Germany, there were roughly 7,000 certificates for typosquatted domains targeting retailers in the country, the lookalike domains are more likely to use certificates from Let’s Encrypt than any other region (85%).
In Australia, the experts found nearly 3,500 certificated for domains targeting local retailers, while the number of certificated in France was 1,500.
“We continue to see rampant growth in the number of malicious, look-alike domains used in predatory phishing attacks,” said Jing Xie, senior threat intelligence researcher at Venafi. “This is a result of the push to encrypt more and potentially all web traffic, a trend that generally improves security for users but inadvertently introduces a new challenge to existing methods of phishing detection. Most businesses and many retailers don’t have the updated technology in place to find these malicious sites and remove them to protect their customers.”
[adrotate banner=”9″] | [adrotate banner=”12″] |
(SecurityAffairs – Checkra1n exploit, checkm8)
[adrotate banner=”5″]
[adrotate banner=”13″]
A former U.S. NSA employee has been sentenced to nearly 22 years in prison for…
A new malware named Cuttlefish targets enterprise-grade and small office/home office (SOHO) routers to harvest…
A flaw in the R programming language enables the execution of arbitrary code when parsing…
The China-linked threat actors Muddling Meerkat are manipulating DNS to probe networks globally since 2019.…
Finnish hacker was sentenced to more than six years in prison for hacking into an…
The US government’s cybersecurity agency CISA published a series of guidelines to protect critical infrastructure…
This website uses cookies.