Look-alike Domain Scams on the Rise

John Lister

Scams involving "look-alike" domain names have risen dramatically according to a security company. It suggests the attacks, which trick people into visiting or trusting a site based on what looks like a legitimate domain name, are up more than 400 percent in the past year.

The report comes from BlueVoyant, a company which offers cybersecurity services to a range of companies. It looks at two main forms of look-alike scam. (Source: bluevoyant.com)

One is to replace characters in a domain name with easily mistaken characters such as MICROS0FT.com or goog1e.com. The other is to use the correctly spelt domain name but register it at a different top-level domain, for example using legitbusiness.site to pose as legitbusiness.com.

Four-Fold Increase

According to the report, the number of cases reported by a "well-known American financial services company" rose steadily from 100 per month in February 2024 to nearly 450 per month in January 2025.

Those figures might not be totally reliable as, for example, the company may have made it easier to report cases, or its staff may have upped efforts to spot them. However, they do suggest a long-standing scam tactic is on the rise.

'HR Messages' Among Scams

The report also notes that while such tactics were originally used mainly for generic phishing scams or simply distributing spam, attackers now use look-alike domains for a range of sophisticated attacks. They include: sending bogus invoices to businesses with a link to a fake payment page; attempts to get hold of a user's login details for a legitimate account; bogus messages to workers that appear to be from a boss and ask for sensitive information such as trade secrets; and fake messages that appear to be from an HR department or recruitment company, designed to get people to hand over details such as Social Security Numbers. (Source: infosecurity-magazine.com)

Perhaps unsurprisingly, BlueVoyant recommends a range of automated approaches to tackling the problem. These include scanning messages to spot domain names that are close matches to legitimate, well-known domains. They also include ongoing monitoring of potential scam sites to spot if and when they start hosting dangerous content such as requests for user details.
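As an illustration of the first approach, the following Python sketch scans message text for domains that resemble a protected list, covering the two forms described earlier (character substitution and top-level domain swaps). It is an added example, not code from BlueVoyant or the report; the protected list, the sample message, the function names and the extra one-edit "near-match" check are assumptions made for the example.

```python
import re

# Constructed list of domains to protect (an assumption for this example).
PROTECTED = ["microsoft.com", "google.com", "legitbusiness.com"]
# Digit-for-letter swaps of the kind the article cites (0 for o, 1 for l).
CONFUSABLES = str.maketrans({"0": "o", "1": "l"})
DOMAIN_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.I)

def split_domain(domain):
    """Return (name, tld) from the last two labels; ignores suffixes like co.uk."""
    rest, _, tld = domain.lower().rstrip(".").rpartition(".")
    return rest.rpartition(".")[2], tld

def edit_distance(a, b):
    """Levenshtein distance between two strings."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(domain, protected=PROTECTED):
    """Return (verdict, protected domain it resembles or None)."""
    name, tld = split_domain(domain)
    pairs = [(p, split_domain(p)) for p in protected]
    for legit, parts in pairs:
        if (name, tld) == parts:
            return "legitimate", legit
    for legit, (l_name, _) in pairs:
        if name == l_name:
            return "tld-swap", legit
        if name.translate(CONFUSABLES) == l_name:
            return "character-substitution", legit
        if edit_distance(name, l_name) == 1:
            return "near-match", legit
    return "no-match", None

def scan_message(text):
    """Return (domain, verdict, resembles) for each suspicious domain in text."""
    hits = []
    for found in DOMAIN_RE.findall(text):
        verdict, legit = classify(found)
        if verdict not in ("legitimate", "no-match"):
            hits.append((found.lower(), verdict, legit))
    return hits

# Constructed sample message, not taken from the report.
SAMPLE = "Invoice overdue: pay at https://MICROS0FT.com/pay or mail hr@legitbusiness.site"
print(scan_message(SAMPLE))
```
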

What's Your Opinion?

Have you ever spotted or been fooled by a lookalike domain? Do you trust your security tools and services to catch them? Should domain registrars block registration of addresses that could be used for scams?


Comments

Dennis Faas

I watch a fair amount of YouTube, and I'm interested in what the markets are doing based on the new and changing policies of the Trump administration.

Lately I've been seeing a lot of seemingly random YouTube comments promoting "Elon's xaicotum" (posted by malicious bots) with 1000 likes and 15+ comments. If you search Google for "elon xaicotum," you'll see a bunch of fake websites that use the X (formerly Twitter) logo as well as NBC's logo to make it look like these are legit news sources talking about the latest crypto revolution, when in fact they are not. If you visit one of the top results promoting xaicotum, it's a crypto-based site claiming there will be a price increase in the shares, so you have to buy it straight away. SCAM SCAM SCAM!

As AI gets stronger, social media will turn into a very dark place with fake comments similar to what I just pointed out, but used for propaganda. I have no doubt it's already happening but it's going to get a lot worse in the coming years. In my opinion, social media is already very toxic, but this is really only the beginning. Paid / fake protesters are yet another evil. Sometimes I wish I could go back to the 80's when things were simple and genuine, even with bad hairdos.

ronangel1

This is a good one. They tried it on me twice and failed.
Got an email from a name's registration company based in China,
asking if I had any sites of the same name with .CN
As I said NO, they said that a client of theirs wanted to buy all the domains with .CN and the same name as my site, and that under the rules, I would have the chance to buy them first.
If I said we wanted to buy them would have been offered to register them at a very High (I think) price to prevent the company name from buying and using) A lot of large companies would immediately want to buy to protect their name. There is NO BUYER (or name of friend's company pretending to be one). No one would want the names I had, as nothing like any large company.
I explained I would not pay one penny for any .CN name as no use to me.
And to explain to their "client" That if they bought them I would help their business by linking hard core legal adult porn to the sites to help their business along, as being the same name could not block it.
No further emails..so far.