Look-Alike Domains: A Strong Indicator Your Network Might Be Compromised

Last week, a client reached out with a pressing concern. Their customer had paid a $30,000 bill via ACH after receiving an email from the client’s assistant instructing them to switch from checks to ACH payments. However, the customer later claimed the bill was already settled and provided proof of payment to a different account.

 

Upon investigating, it was revealed that the email had come from a Look-Alike Domain. Instead of our client’s legitimate address, johnsmith@abccompany.com, the email was sent from johnsmith@abccompanys.com.  As you can see, that ‘s’ is just a minor tweak, but it was enough to deceive their customer. Unfortunately, both the client and their customer were cheated out of $30,000 due to this phishing scheme.

 

Look-Alike Domains are deceptive and closely resemble legitimate domains, often with minor changes. They are commonly used for phishing or fraud, where a single character change, a different TLD, or a homograph attack can trick unsuspecting recipients.  Fortunately for our client, our cybersecurity solutions engineer quickly connected them with a provider who is conducting a forensic network assessment.  In a couple of days, they will report on the extent of the intrusion and how to remediate the issue.

 

Key Takeaways and Actions to Protect Your Company’s Network & Reputation

 

Train Your Staff to Recognize the Threat

 

  • Typo-squatting: Minor misspellings or typos in the domain name.
  • Character Substitution: Using characters that look similar, such as zeros instead of ‘o’s.
  • Homograph Attacks: Characters from other alphabets that resemble Latin characters.
  • Different TLDs: Using variations like .net instead of .com.

 

Take Measure to Protect Your Network Right Away 

 

  • Education: Invest in cyber awareness training so your staff recognizes phishing attempts and verifies email addresses.
  • Browser Security: Use advanced security tools to detect malicious sites.
  • Domain Monitoring: Regularly check for look-alike domains and act promptly.
  • Secure Domain Registration: Opt for domain services that offer protection against look-alike domains.

 

Simplify Cybersecurity with Expert Help

 

At My Resource Partners, we offer a FREE Cybersecurity Assessment to evaluate your current cybersecurity setup. Our highly credentialed cybersecurity solutions engineers will review your systems, provide a comprehensive Cybersecurity Roadmap. Your roadmap includes:

Cyber Awareness Training: Enhance your team’s ability to spot and handle phishing attempts.

Threat Detection Strategy: Implement robust measures to detect and mitigate potential threats.

 

With your your roadmap in place, we’ll quickly connect you with the right providers tailored to your needs and budget.  Let’s face it, it could take your team months to find the right solutions.  We can help you protect your network and set up a training program for your staff in weeks.

 

Don’t wait until it’s too late—contact us today to secure your network and protect your business from costly cyber threats.

 

Click Here to Schedule a FREE IT Assessment

 

back to top