CS Jan-Feb 2024
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
phishing<br />
PHISHING FOR THE ANSWERS<br />
DOMAIN PHISHING SCAMS HAVE NOW REACHED LEVELS NEVER SEEN BEFORE.<br />
CONSTANT VIGILANCE CAN ENSURE THAT THEY DON’T PROVE SUCCESSFUL<br />
Businesses, consumers and individuals<br />
all profit from advanced technology in<br />
various aspects of their lives. However,<br />
cybercriminals also reap the benefits of innovative<br />
digital tools employing creative domain<br />
name phishing methods, points out Brian<br />
Lonergan, Identity Digital's vice president<br />
of product strategy. "This underscores the<br />
importance of domain names in cybersecurity<br />
for any business - from international corporations<br />
to local businesses. The good news is<br />
that there are ample tips and measures to<br />
ensure their safety," he states.<br />
Security must be a key factor when buying<br />
or upgrading a domain name, he adds,<br />
and working with the right domain registrar<br />
can make all the difference. Different<br />
registrars and registries will offer varying<br />
security measures, and it's important to<br />
review everything they offer to make the<br />
best decision for your organisation's specific<br />
needs. "For instance, Identity Digital includes<br />
Homographic Blocking for any Identity Digital<br />
domain to enhance protection against<br />
phishing attacks. In this type of phishing,<br />
attackers use characters similar to legitimate<br />
domain names, like replacing 'O' with '??'.<br />
They may also manipulate domain names<br />
using plurals or hyphens.<br />
"Homographic blocking technology identifies<br />
and blocks malicious domain name variants,<br />
safeguarding the brand from compromise,"<br />
comments Lonergan. "Additional practices<br />
companies should be vigilant against are<br />
domain name system [DNS] attacks, namely<br />
cache poisoning.<br />
"During a cache poisoning attack, a fraudster<br />
sends malicious DNS responses to a DNS<br />
server, which can contain false information,<br />
associating a valid domain with a malicious IP<br />
address, leaving victims vulnerable to spoofing<br />
attacks. One way to help prevent this is by<br />
working with a domain name registrar that<br />
offers Domain Name System Security Extensions<br />
[DNSSEC], which, when enabled, add<br />
cryptographic security to DNS responses."<br />
A quick and simple way to spot an attack, or<br />
the possibility of one, is by paying attention<br />
even to the tiniest variation in written communications,"<br />
he adds. "Be it an email, a text<br />
or a website's copy, all of that can indicate<br />
something malicious afoot. Any deviation in<br />
fonts, brand colour schemes or logos, website<br />
designs and, of course, grammar and spelling<br />
suggest that you might be looking at a poor<br />
imitation. Cybercriminals perpetuating phishing<br />
attacks do not put the same effort into maintaining<br />
the high calibre of branding and visual<br />
identity of the businesses they imitate."<br />
Security of one's domain name should be part<br />
of a business's overall security strategy, he says.<br />
"Luckily, we have more helpful means at our<br />
fingertips than ever before to stay ahead."<br />
Domain phishing scams have now reached<br />
unprecedented levels, says Steve Herbert, head<br />
of service delivery, Nominet. "However, these<br />
are not the phishing scams of old:<br />
cybercriminals have evolved their tactics, now<br />
meticulously crafting websites that mirror<br />
legitimate domains with alarming precision,<br />
making it increasingly challenging to<br />
distinguish between the authentic and the<br />
fraudulent."<br />
TACTI<strong>CS</strong> HAVE MOVED ON<br />
In the three months prior to December 2023,<br />
Nominet identified and blocked more than<br />
450 fake shops using .UK domains, which<br />
employed the same fake storefronts selling<br />
popular high street brands. "The threat actors<br />
got so desperate to reinstate these domains<br />
that they attempted to impersonate Nominet<br />
staff via LinkedIn," reveals Herbert. "These<br />
efforts were unsuccessful, of course, which<br />
is a great result for our staff and security<br />
procedures."<br />
22<br />
computing security <strong>Jan</strong>/<strong>Feb</strong> <strong>2024</strong> @<strong>CS</strong>MagAndAwards www.computingsecurity.co.uk