This week marked the announcement of the Heartbleed Open SSL threat to secure websites, and everyone scrambled to fix the bug which left open the door to hackers wanting your login information and other valuable data.
As many of the affected sites have now been fixed, and users are updating their passwords, we wanted to expose a related threat in the domaining space, which could be considered even MORE dangerous than Heartbleed as it is occuring on domains that are beyond your control… unless you know what to do.
You see, an alternative to hacking your site is to create a mockup or clone of your site on another domain. E.g. let’s say your site is mybigonlineshop.com then some hacker might go and get the domain secureshoppingonline.shop and create a subdomain like mybigonlineshop.secureshoppingonline.shop where the user barely sees the actual domain in their browser, as in the picture below (Dr. Evil lurking there…):
See how the desired domain doesn’t fully show the actual domain? For most consumers they will assume they are on the desired domain, but instead they are on a phishing site that could look EXACTLY like the desired domain. What these phishers now do is have a login/order/whatever page where they capture your credit card info, or passwords, etc. – just like the Heart Bleed bug exposed vital information to hackers.
In some cases we’ve seen clone sites that sell knockoffs of the original e-commerce site’s product. You might never get the product you wanted or at most it’s a cheap copy – very profitable for the scammers.
So you’re wondering how do these sites get traffic? Well one very sneaky way is to use typo domains to skim traffic from your brand. The only way to stop these people from doing this is to monitor your brand 24/7 and keep an eye out for new variations of your domain, as they could be affiliates or hackers getting ready to steal traffic from you – and they’ll send your customers wherever it’s most profitable… but the profits won’t be yours 🙁