background.png

The Cyber Feed

Protection Beyond the Perimeter Starts Here.

Posts by Topic

see all

Get Updates from Us!

Threat Actors and Typosquatting: Phishing Emails and Sites with a Deceiving URL

We can’t stress enough how vital cyber awareness is to the lifeline of business (and personal) assets, and a highly powerful way to convey this message is by putting our audience in the shoes of the victim.


Let’s try and understand the magnitude of typosquatting and phishing campaigns, so that the takeaways of this article allow readers to be one step closer to a fortified cyber posture.

Phishing Emails and Subject Lines

Phishing emails are a growing trend in today’s online world.

The more obvious defense against phishing emails is spam filters and other cybersecurity technologies, otherwise known as our ‘first line of defense’ to the phenomenon.

Funnily enough, our second line of defense against phishing emails is none other than ourselves, that is, our eyes and our awareness-levels to be on the lookout everytime we click on an email delivered to our inboxes.

There are plenty of signs that we are meant to be looking out for when it comes to phishing emails:

  • Messages from companies you don’t have accounts with (but whose subject line/email body suggests that you do)
  • Subject lines or email body with spelling mistakes
  • Messages from the wrong email address (i.e ‘info@hsbc.savings.com’ instead of ‘info@hsbc.com
  • Addressed to ‘Dear User’ instead of ‘Dear Your Name’
  • Subject or email body with unexpected messages that trigger a sense of urgency in the recipient, i.e ‘resume’ or ‘unpaid invoice.

Typosquatting and Phishing

Cybercriminals thrive off of typosquatting as an easy-peasy way to lure email recipients to spoof web pages, where victims then type in their personal information, under the illusion that they’re signing back into a loyal site where they visit often.

Notorious Typosquatting Stories

Fake Site

paypal_fake.png

Real Site

paypal_real.png

This past January, the Paypal website fell victim to a phishing attack campaign that was operated via typosquatting. Multiple domains were built that impersonated the Paypal site, i.e “security-paypal-center[.]com.”


OpenDNS, the firm that detected the attack, described the attack’s anatomy as the following:

paypal_opendns.png

Technology Doesn’t Fail the Phish

Our defense lines to typosquatting and phishing campaigns are not only our human detection abilities. Through natural language processing (used in our Argos intelligence tool), typosquatting phishing domains are detected automatically.

CTA_argos.jpg

That being said, awareness is key. Before (and while) Argos 2.0 maps your online presence and automatically identifies attempts at typosquating looking like your own domains. Employees must know the problems that lie at risk as they are still at the forefront of cyber attacks. 

SUBSCRIBE

download.jpg