Phishing Report 2022Q3(Cyber Security Companies)
Information is everything, and threat actors constantly try to steal this data from victims.
Threat actors do several things to gain victims’ sensitive information, but social engineering is their favourite.
In social engineering attacks, threat actors convince the victim to give sensitive information and exploit this information in many ways.
To convince the victim, sometimes they register the domain name, imitating some famous brands. This technique is widespread but effective.
Threat actors register the domain name imitating the original domain, and try to phish the brand’s customers and employees.
Example 1: facebook-login.biz; facebook-messenger.net
Example 2: bank-of-america.one; bank-of-singapore.net
Example 3: netflix-verif.info; netflix-suspension.info
Example 4: 5g-amazon.com, store-amazon.com
Imagine if you receive an email from a domain that claims to be coming from an Antivirus company, and you are using this antivirus in your production. This email asks you to click on some link to update the information or anything that gathers sensitive information from you; 96% of people give away their data. This number shows how effective this technique is. All this through social engineering, so your technical controls can stop this. The only ways to prevent this are awareness and research.
The research will help you understand the threat actors’ patterns and behavior.
So we started building the list of domains imitating these cyber security brands.
Here is the list of domain names registered in the 3rd quarter of 2022, imitating cyber security companies and their domain name.
Also Read: The Importance of ISO 27001 for Business Growth Click Here
Our tweet feed:
List of Domains Imitating Cyber Security Companies
Cyber-Security-Companies-3rd-q-2022Download
In the above graph, McAfee was the choice for this quarter. Threat actors are targeting the users and employees of McAfee. McAfee is mainly used in personal computers and is offered with the pre-build image when you purchase a new laptop or desktop. Most laptop and desktop manufacturers are offering free 6 Months or one year of McAfee protection with their products.
Dell, Asus, and HP provide free evaluation protection for McAfee.
Some of these manufacturers provide 30 days to 6 months of free subscription, and after that, you have to renew it. McAfee sends you promotional emails and notifications during this evaluation period, which may be why these threat actors are registering the domains imitating McAfee. Maybe the success rate of this type of campaign is higher.
Example 1: mcafeemobilesecuirty.com
Example 2: malwarebytesupport.online
So the conclusion is that before clicking on any link
–PLEASE CHECK THE DOMAIN NAME—
Never share any sensitive information over email; if there is a need to do so, check with your vendor, call them, ask them why they need this information, and if you are satisfied with their answer, send it to only verified email addresses; otherwise, there is no need to do so. Meanwhile, we will publish such reports regularly. This is our first report, and we promise to improve the quality in future publishing based on your feedback.
Also Read: Why SMBs Are High on Risk Click Here