Top insights for IT pros
From cybersecurity and big data to cloud computing, IT Brew covers the latest trends shaping business tech in our 4x weekly newsletter, virtual events with industry experts, and digital guides.
Threat actors are using well-known retail brand names to carry out a number of cryptocurrency scams, and the number of fraudulent attacks is increasing.
That’s according to new research from cybersecurity company DomainTools. Its CISO Daniel Schwalbe told IT Brew that it discovered the scams after detecting a fraud site through one of its monitoring tools.
“We ended up finding 5,000+ domains that were all related to this,” Schwalbe said.
Break it down. The resulting report details the three main “clusters” of scam attacks they detected:
- E-commerce domain fraud. This is when attackers use dummy sites that appropriate the appearance of established retail web pages to gain unsuspecting customer trust. They use these sites to draw traffic and commit fraud, taking customer money for items that don’t exist.
- Brand impersonation. Using familiar looking sites with urls that don’t quite line up—like “amazon2000.com” and “amazon300.com,” for example—attackers lure in desperate people with promises of making money through the fake outlet. Users are told to invest in crypto as a part of the scam and to recruit other potential victims.
- Crop of imitators. The success of the first two clusters has led to copycats. Using different domains, attackers leverage brand reliability to engage in crypto scams.
Unethical approach. All the scams are using consumer trust to manipulate users. But taking advantage of people who are in dire straits is particularly vicious, Schwalbe told IT Brew.
“I find cluster two the most insidious, because not only is it using brand impersonation to get people’s eyeballs and attention, it also is dangling the hope of a potential side hustle,” Schwalbe said. “People are trying to make ends meet and taking on gig economy jobs, second, third jobs, just to make ends meet, and the second cluster preys on that in that it uses the brand as a lure.”
Schwalbe added that mobile device usage has increased the scope of the problem due to website layout constraints on handheld devices.
“One thing that is working very much in favor of the adversary is the fact that over half the world’s population accesses the internet from a mobile device—because what do mobile browsers do as soon as you go on the site, it hides the URL, because that's boring,” Schwalbe said. “Why would that need to take up screen real estate on a small device?”