Phishing

Phishing” refers to all the techniques used to capture confidential information needed to commit a crime. Trademarked domain names are regularly used for phishing.

The fraudster will pose as a familiar organization (bank, social security fund, tax office, etc.), using its logo and name. The fraudster will send a number of e-mails asking the victim to update or confirm their banking details, following a technical incident.

The url link used to enter your details is most frequently a counterfeit of the attacked brand’s website such as that of a bank or e-commerce site). In 2016, 400,000 phishing sites were detected every month.

Fake website copy to collect personal data

In August 2017, Airbnb, recovers the domain name airbnbnow.com used for phishing and whose website reproduces that of the platform for renting accommodation from individuals. Google encounters a similar case of cybersquatting with the domain name web-account-google.com copying its website to retrieve users’ personal information (email, password).

In January 2017, the Crédit Mutuel bank recovered the domain name credit-mutuelgroupe.com used for phishing purposes. This name associating the brand with the term groupe was the address of a website slavishly copying the source code of the financial institution’s official website without authorization.

In June 2017, the same applicant recovered cic-financial-bk.com, whose website offers banking and financial services. For the expert, this cybersquatting domain name CIC sought to establish a phishing site or with a similar fraudulent purpose, which corresponds to use in bad faith.

In December 2016, Carrefour bank recovered the disputed domain name carrefourbanque-fr.com used to retrieve personal information from Internet users.

Shipping group CMA CGM has detected a typosquatting of domain name cma-cgmn.com used to send emails to the company’s customers asking them to provide banking information in a phishing scheme.

Personal data collected by false support services

In January 2017, Google recovered 5 domain names associating its Gmail email service with support (e.g. gmailsupportusa.com). The website attempted to impersonate Gmail in order to sell the personal data collected from deceived Internet users.

Dell has dismantled a network of 98 dell-chat-support. com-type Internet addresses attempting to impersonate the computer manufacturer’s support team in order to obtain the personal data of deceived customers.

The social network Twitter has put an end to a specific phishing scheme called ” tech support scam pop-up ” via the disputed domain name twittertour.com. The associated website told users that their computers had been hacked and that they needed to re-enter all their personal information. In 2018, the Snapchat app recovered a domain name associating it with hack and online enabling users’ accounts to be hacked.

Espson printers have recovered a domain name squatting on their trademark in the NewgTLD .SUPPORT. The domain name epsonprinter.support was used by the defendant in an attempt to pass itself off as an official support service.

Solidnames alerts allow brands tobe notified daily of the registration of a domain name used for phishing.

Solidnames’ SecURL service warns users of changes in web usage of monitored names. SecURL detects the setting up of a website for a phishing operation and the activation of mail associated with a domain name used for phishing.