Internet Forensics

4.5. Similar Domain Names

A simple and widely applied form of trickery for phishing attempts is to use domain names that look very similar to the original. Here are a few of many examples:

Real domain name

Fake domain name

citibank.com

mycitibank.org

citizensbank.com

citizensbankonline.com

usbank.com

ussbank.net

firstusa.com

firstusaonline.biz

washingtonmutual.com

washingttonmutual.com

Companies such as PayPal and eBay try and protect themselves by registering a range of domain names similar to their primary domain. But a creative scammer will always be able to come up with some new twist on the name that has not yet been registered. Netcraft's web-based DNS search tools (http://searchdns.netcraft.com) can show the scale of the problem. Select the site contains option, enter a name such as paypal, and see how many web servers are reported that match. Some of these are legitimate but a lot of them look very dubious.

Related

Категории