Cybercriminals registered more than 100,000 look-alike domains that closely mimic the legitimate websites of popular retail websites.
As the growth of e-commerce increases year after year attackers tend to register more malicious look-alike domains that aimed to steal customer sensitive and financial data.
Most of the users believe everything with HTTPS is trusted and secure, but that is not the real scenario. HTTPS connection ensures only the data traveled between client and server is secure.
FBI recently warned that Hackers use Secure HTTPS Websites to Trick Users and to Steal Sensitive Logins.
According to a recent investigation done by Venafi to find malicious domains targeting 20 retailers in the U.S., U.K., Germany, France, and Australia, they found over 100,000 fake domains that look like safe and trusted.
The research shows a sharp growth with the registration of fake domains, almost it doubled the growth when compared to 2018 and the TLS certificates used is 400% high, in that 60% of the domain using free SSL from Let’s Encrypt.
The registered fake domains vary between the country and the targeted retailer, among others, One of the top U.S. retailers has over 49,500 look-alike domains, United Kingdom (13,848), Germany (7,057), Australia (2,000), and France(1,569).
The Following are the two best prevention methods to avoid fake certificates.
You can find more details for checking with our article Is this website Safe: How to Check Website Safety to Avoid Cyber Threats Online.
You can follow us on Linkedin, Twitter, Facebook for daily Cybersecurity and hacking news updates.
The LightSpy threat actor exploited publicly available vulnerabilities and jailbreak kits to compromise iOS devices.…
White House National Cyber Director, CEOs, Key Financial Services Companies, Congressional and Executive Branch Experts…
Cybersecurity experts have identified a new Remote Access Trojan (RAT) named PySilon. This Trojan exploits…
The notorious Konni Advanced Persistent Threat (APT) group has intensified its cyber assault on organizations…
Google has updated its Chrome browser, addressing critical vulnerabilities that posed potential risks to millions…
WrnRAT is a new malware attack that cybercriminals have deployed by using popular gambling games…