Recently we hosted a webinar on Phishing & Whaling—How to Protect Yourself and Your Team. Melinda, one of our Solutions Executives, and Stormy, from our vCISO team, shared real-life examples and valuable insights to help educate business owners on the threats they face on a daily basis.
As Stormy explained examples of whaling attacks, one of our audience members posed an intriguing question: if cybercriminals are purchasing lookalike domains in order to phish you, would leasing multiple domains help prevent that?
Stormy’s answer? Both yes and no. Let’s get a little more context.
One common scheme used in phishing attacks is domain spoofing, where a criminal leases a domain that is very similar to yours. For example, if your website is www.LawFirmABC.com, the attacker might lease www.LawFlrmABC.com, swapping the I for an L. Then he sets up an email address at that domain and sends an email to one of your team members posing as an employee. The swapped letter is easy to miss during a quick scan of an email that otherwise looks legitimate.
THE PROPOSED SOLUTION
Given that this scheme relies on the domains being fairly similar, the concept is that if you’re leasing multiple lookalike domains, you’ll keep them out of criminal hands and protect your organization against this type of attack.
In theory, yes, this could help. In fact, large companies like Google do this for this exact reason. When our own team uses domain spoofing during a social engineering campaign for a client, we turn any lookalike domains we leased over to the client’s control after the campaign ends. However, leasing multiple domains is not enough.
THE BETTER SOLUTION
In practice, this defense isn’t really practical; there are too many possible combinations to feasibly lease them all. Plus, it could lull your team into a false sense of security. The money you might spend leasing those domains would be better invested in cybersecurity awareness training for your employees. Staying alert and on guard at all times is vital to maintaining your organization’s security.
FIT Cybersecurity provides cybersecurity education and social engineering campaigns to organizations across all industries. If you’d like to test your company’s defenses or your team’s awareness of common cybercrime tactics, give us a call today at 888-683-6573 or contact us here.