UK banks including Barclay's, HSBC, Lloyd's, NatWest and Standard Chartered, have a total of 324 domain spoofs controlled by cyber criminals that are aimed at fooling customers and retrieving their information.
Security research and intelligence company DomainTools found 110 fake HSBC websites, 74 fake Barclays websites, 74 fake Standard Chartered websites, 66 fake NatWest sites, and 22 sites that mimicked Lloyd's Banking Group.
Researchers used the PhishEye's proprietary algorithms to identify and surface examples of websites using fake websites which looked or sounded similar to the official websites of UK banks. It uncovered 324 'high risk' domains in just four days between 27th and 31st of March.
The researchers judged which domains were 'high risk' by using DomainTools Reputation Engine - a score in the range of 70 or higher indicates that a domain is closely connected to others that have already been blacklisted for spam, malware or phishing.
Some of the sample high risk domains included: barclaysbank-plc[.]co.uk, www-barclays.com, hsbcgrp[.]com, lloydstbs[.]com, natwestbusinessbanking[.]co.uk and standardchartered-bank[.]com.
"Imitation has long been thought to be the sincerest form of flattery, but not when it comes to domains. While domain squatters of the past were mostly trying to profit from the domain itself, these days they're often sophisticated cyber-criminals using the spoofed domain names for more malicious endeavours," said Kyle Wilhoit, senior security researcher at DomainTools.
Wilhoit suggested that many of these criminals will simply add a letter to a brand name, such as Domaintoools.com, while others will add letters or an entire word such as ‘login' to either side of a brand name.
"Users should remember to carefully inspect every domain they are clicking on or entering in their browser. Also, ensure you are watching redirects when you are going from site to site," he advised.
Insecticides based on sulfoxaflor might be as bad for bees as neonicotinoids
Intel teases forthcoming new graphics card accompanied by the text "We will set our graphics free"
Think your password manager is completely secure? Think again...
ARM plans 7nm 'Deimos' for 2019 and 5nm and 7nm 'Hercules' for 2020