Like most organizations, you are probably inundated with phishing e-mails every day. It’s astonishing how actively overseas criminals target American companies with impunity. And while most of these phishes are obvious to identify, there are always a clever few that might just fool you. If you look closely, you’ll notice that there are basically three types of phish sender addresses that will target you and your company:
1. The obvious sender address where you can tell immediately that the e-mail address is not somebody you know (e.g., XYZ123@aol.com).
2. The lesser obvious e-mail address that appears to possibly be from somebody you might know, but if you hover your mouse over the address, you will see that it’s what we call a “Spoof” and is from an address that you immediately realize is not somebody you know.
3. The Typosquat Spearphish e-mail address that looks almost exactly like an e-mail address from somebody you know and has information to convince you that you do know them. These are the e-mails that may trick you, and will very likely trick your investors if they are targeted with Typosquat phishing e-mails that appear to come from you.
If you’ve never seen a Typosquat e-mail address, this is what it looks like: Instead of an e-mail coming from name@BWCyberServices.com, the e-mail will come from name@BWCyberService.com (note that there is no “S” at the end of the word ‘service’ in the fake e-mail domain name). This attack is very easy to perform and very difficult for most recipients to recognize. More insidiously, if and when you or one of your investors are the recipient of a Typosquat e-mail, it most likely means that you or your investor has had their e-mail hacked and the criminal is attempting to perform a financial crime – almost always, wire fraud.
So, how do you prevent Typosquat Spearphish attacks against you and your investors?
BW Cyber’s Typosquat Domain Assure service is designed specifically to minimise this risk. It takes a nine-step approach to analysing your risk and preventing Typosquat attacks before they take place and most importantly, we will perform unlimited take downs of any malicious domains attempting to typosquat your email domain:
– Screen Scrape Protection: detects if your website is cloned to another domain to attack clients and partners
– Iframe Attack Protection: prevents your website from being pulled to another domain via an iframe
– Monitor all lookalike domains to prevent spearphishing attacks on staff, clients, and partners
– Monitor typosquat domains to prevent attacks on your staff, clients, and partners
– Detects any domain using your domain as a subdomain (example: yourdomain.superscam.com) – Monitors all similar domains that contain “yourdomain” to prevent spearphishing attacks using the unlimited extensions available (example: yourdomain.co, yourdomain.info, etc.)
– Monitors DNS including MX records of all lookalike, typosquat, and similar domains to detect if a harmless domain turns malicious
– Take down services for all lookalike, typosquat, and similar domains that are found to be malicious
– TDA Prevent Option: Purchase lookalike and typosquat domains and forward them to primary domain so they cannot be used to attack your staff, clients, and partners.
Without a doubt, Typosquat domain attacks account for 99% of all wire fraud investigations performed by BW Cyber. Typosquat Domain Assure would have prevented most, if not all, of these attacks had the organizations in question utilized this service.
For more information about Typosquat Domain Assure contact BW Cyber today. You’ll be surprised at the risks out there, but equally surprised at how easily these attacks can be prevented with Typosquat Domain Assure.
