Top

Cybersquatting: what it is and how to keep safe

Rights, Scams and Politics

Updated on 05 May 2017 | 4 Comments

Scammers are using convincing copycat websites to steal personal details from online banking customers. Here’s what to watch out for and how to keep safe.

Some of the UK’s biggest banks are being targeted by hackers creating copycat websites linked to their brand, according to research by security analysts DomainTools.

The trend is known as ‘cybersquatting‘ and involves criminals registering domains that look similar but aren’t quite the same as the official web addresses of banks.

These dodgy websites are created to be used in phishing emails that attempt to trick victims into clicking on links and handing over personal details, but criminals are also relying on the typos we make in browsers.

Once on the fake website, fraudsters will try to get victims to type in personal details like usernames and passwords or trick them into downloading malware.

Find a better current account today

Banks being targeted

DomainTools analysed domains mimicking five of the UK’s biggest banks using a tool called PhishEye.

This allows people to search for existing and new domains that spoof brand, products and orginsations with other names.

In total the research found a total of 324 ‘high-risk’ domains that contained the brand names.

HSBC was found to be one of the most heavily targeted, with 110 dodgy domains identified in the analysis.

But DomainTools uncovered 74 mimicking Barclays, the same for Standard Chartered, at least 66 spoofing NatWest and 22 that appear similar to Lloyds.

Dodgy websites to watch out for

Here are some examples of the dodgy websites that were uncovered.

Source: DomainTools

As you can see, scammers are using tweaks that aren't necessarily easy to spot.

Kyle Wilhoit, senior security researcher at DomainTools, explained: “Many will simply add a letter to a brand name, such as Domaintoools.com, while others will add letters or an entire word such as ‘login’ to either side of a brand name.

“Users should remember to carefully inspect every domain they are clicking on or entering in their browser. Also, ensure you are watching redirects when you are going from site to site.”

Spot signs of suspicious activity by checking your credit report

What can banks do?

Cybersquatting is the act of registering a domain name with the intent of making money from a trademark that belongs to someone else.

But the trend has taken an even more sinister turn by hackers and worryingly spoof websites using a bank’s name can be purchased for as little as £12 a year.

Wilhoit commented: “Imitation has long been thought to be the sincerest form of flattery, but not when it comes to domains.

"While domain squatters of the past were mostly trying to profit from the domain itself, these days they’re often sophisticated cybercriminals using the spoofed domain names for more malicious endeavors.”

However, Wilhoit says banks should do more to curb the trend of cybersquatting.

He says: “Brands can and should start monitoring for fraudulent domain name registrations and defensively register their own typo variants.

“It is better to lock down typo domains than to leave them available to someone else and at an average of £12 per year per domain, this is a relatively cheap insurance policy.”

We spoke to HSBC about the issue, which said it does a lot of work to weed out dodgy websites but there needs to be a balance, as some websites using the brand's name like hsbc.org – a site for the Hunter Street Baptist Church – are genuine.

A spokesperson said: “It is an ongoing challenge for businesses across every industry to establish whether website domains that have been set up are for genuine or nefarious purposes. 

“Security of our own website and our customers' details is of paramount importance which is why we have teams and external agencies using the latest technology to continuously monitor the internet for sites that can be an active threat to us or our customers, and we take timely and effective enforcement action.

“We would also advise customers to be mindful of the risk of phishing and different types of scam and to check our security centre for the latest advice including links to industry and government supported educational campaigns such as Take Five.”

How to keep safe

If you get an email claiming to be from you bank, be wary of clicking the links and check for suspicious web addresses by hovering over them.

DomainTools recommends these tips to spot a dodgy website address:

  • Check for extra added letters in the domain, such as Yahooo[.]com;
  • Check for dashes in the domain name, such as Domain-tools[.]com;
  • Look out for ‘rn’ disguised as an ‘m’, such as modem.com versus modern.com
  • Check for reversed letters, such as Domiantools[.]com
  • A plural or singular form of the domain, such as Domaintool[.]com

Another way to ensure you never end up on a dodgy site is to bookmark your bank’s website rather than risk accidentally using a typo that leads you to a website set up by cybersquatters.

Find out how to win £100 every day in the loveMONEY newsletter prize draw

Keep safe with loveMONEY:

Santander text message scam – how to stay safe

Reporting scams: who to contact when you get fraudulent phone, post and email

Keep Your Money Safe
Get Paid £150 To Leave Your Bank
Get paid up to £150 to switch current accounts. Better customer service, high-interest savings accounts and interest-free overdrafts are all on offer..
Shop Safer With A Credit Card
Your credit card provider must protect purchases over £100 for free. So make sure you use plastic to be extra safe when you buy pricey items.

Most Recent

Ranked: the 10 highest-paid tennis stars today
Cheap food & drink offers from all the major supermarkets
5 steps to take if you fall victim to identity theft
prev next

Comments

  • 06 May 2017

    Be careful if you get an e-mail or text from your bank or Paypal or someone else say an error has been made on your account. Had several of these doggy e-mails and text saying there has been an error made on your account or to update your details. Some are easy to spot as the address is not from say Paypal or your bank. But some are quite convincing and unwary people might click on the link. Criminals are getting clever by using the fact we can internet on our smart phones and sending text from what looks like Paypal to say your account has been hacked or you had suspicious activity or had a lot of money put in and to confirm it via this link. In the callers Id it mimics Paypal or Lloyds but they wouldn't send a link just tell you to login via the website or app. My Mrs keeps getting these from Paypal and she has never used Paypal. Don't get fooled by the invoice from Paypal saying you been sent say £400 and to clear the funds you got to pay £125 or something like that via world pay. Never let anyone take over your computer unless your sure they are genuine (Microsoft) and as once you give them this control they can see what your typing and can into your personal files and can take over when ever they like even if you not using the computer. If you log into your bank they can as well. If a link from an email asks you to download software unless you know the source. DONT as it could be a virus with a key logger or ransom software.

    REPORT This comment has been reported.
    0

  • 05 May 2017

    This scam has been around for many years now. It exists because we don't police the internet. This is not because its technically impossible but because no one wants to pay for it. Because we've left it for decades it will be a massive and expensive operation now but it would be worth doing. We mustn't listen to these people who say it impacts "freedom of speech". It needs a massive multi-national effort to catch these fraudsters and rid the internet of it's criminal activity. End of rant!

    REPORT This comment has been reported.
    3

  • 05 May 2017

    This type of crime seems to be viewed differently to other theft crimes but the end result is the same to the victim. I'm sure that with a greater effort from the authorities they could reduce the number of thefts. They could start by introducing a 10 year mandatory sentence for everyone involved in this despicable crime.

    REPORT This comment has been reported.
    5

Do you want to comment on this article? You need to be signed in for this feature

Most Popular

Copyright © lovemoney.com All rights reserved.

 

loveMONEY.com Financial Services Limited is authorised and regulated by the Financial Conduct Authority (FCA) with Firm Reference Number (FRN): 479153.


loveMONEY.com is a company registered in England & Wales (Company Number: 7406028) with its registered address at First Floor Ridgeland House, 15 Carfax, Horsham, West Sussex, RH12 1DY, United Kingdom.


loveMONEY.com Limited operates under the trading name of loveMONEY.com Financial Services Limited.


We operate as a credit broker for consumer credit and do not lend directly.


Our company maintains relationships with various affiliates and lenders, which we may promote within our editorial content in emails and on featured partner pages through affiliate links. Please note, that we may receive commission payments from some of the product and service providers featured on our website. In line with Consumer Duty regulations, we assess our partners to ensure they offer fair value, are transparent, and cater to the needs of all customers, including vulnerable groups. We continuously review our practices to ensure compliance with these standards.


While we make every effort to ensure the accuracy and currency of our editorial content, users should independently verify information with their chosen product or service provider. This can be done by reviewing the product landing page information and the terms and conditions associated with the product. If you are uncertain whether a product is suitable, we strongly recommend seeking advice from a regulated independent financial advisor before applying for the products.