250 domain names were filed at the end of August, usurping the names of public services and popular businesses. These new addresses will potentially be used for future phishing campaigns.
A slew of dubious domain names were filed in the space of a few days, presumably for future phishing campaigns. On August 20, 133 names were bought, usurping the name of public services and well-known companies such as Leclerc, McDonalds, Caisse d’Epargne, or even pornographic sites like Jacquie and Michel. Cybercriminals usually modify only one letter to deceive the Internet user, or duplicate the “www” prefix in the name. Example: “www.impot.gouv.fr” becomes “www.wwwimpotsgouv.fr”.
Previously, 117 other domain names were filed on August 19, still with the same technique. In total, more than 250 names have been purchased by the end of August, notes Nicolas Pawlak, civil defense engineer and administrator of the “Red Flags Domain” alert blog. You can find the full list on their website.
Future malicious sites in preparation
Victimized companies and institutions can report fraudulent use of a domain name to Afnic, the registration office designated by the State for the management of domain names in fr. Nevertheless, it must be proven that these sites were created for a malicious purpose.
Cybercriminals call on developers to reproduce the platform they intend to usurp. You will then find these sites and their malicious address in links embedded in phishing emails, designed to trick you.
The majority of names have been registered with the German company Key-System, a company which already manages more than 4 million domain names. Impossible to verify each name individually since thousands of new addresses are created every day.
In the meantime, on your side, remember to take a look at the address of the site you are consulting, if it seems doubtful to you.
Subscribe to Numerama on Google News to not miss any news!
