4 Myths About DNS Filtering
Trevagh StankardDNS filtering is essential in protecting against web-based threats such as phishing and malware. Here we explain the risks, features, and benefits of DNS filtering and it can protect employees...
In the run-up to Christmas, shoppers are warned to beware of "typosquatters," who prey on shoppers that misspell domain and website names. 'Typosquatting’ or ‘URL Hijacking’ are not a new phenomenon but recently there has been a significant increase in the number of these sites across the internet. Any company that gains a sizable online presence faces the threat of typosquatters, giant brands like Twitter, Facebook and Google have all been victims of typosquatters. Facebook and Google have in the past filed suits against alleged typosquatters contending that they are infringing on the company's trademarks, using domain names such as facebobk.com, fscecbook.com. One of the ways to increase the effectiveness of phishing campaigns is to utilize a typosquatting technique, a form of cybersquatting, where attackers register a domain name that mimics popular websites. Whether this is a mistyped domain name (Amaon instead of Amazon) or a letter substitution, this is an important technique to know about.
Cybercriminals are also reported to be registering legitimate sites with false suffixes such as '.org' or '.net'. With 80% of all online shopping taking place during office hours, employers need to be sure that when employees are shopping online using company equipment they are accessing safe and protected sites and not exposing the network and organization to threats that could have serious security and ultimately financial consequences. The retail industry is one of the worst-prepared for cyberattacks, yet it is also one of the most heavily targeted.
Fake retail websites tend to increase during the holiday shopping season. As with the fake charity sites, these bogus retail websites often register URLs similar to the actual store and also have valid TLS certificates that enable legitimate HTTPS transactions. This does not diminish the more standard online threats facing the retail industry, such as payment card skimming attacks, credential stuffing attacks and attempts on improperly secured databases; these are likely to also spike during the holiday shopping period.
With the continued growth of online ad networks, it’s getting easier for squatters to earn money off their ill-gotten traffic. A naïve or careless employee who falls for these scam websites believing them to be legitimate exposes the company's network and data which can have devastating consequences for a business compromising security and resulting in the expensive cleanup operation.
In preparation for the Christmas shopping spree and January sales, careful typing can help ensure company machines are not compromised but careful typing alone will not solve the problem.
As these techniques increasingly succeed, attackers will continue to use this attack vector. If you want to be protected from typosquatting, we recommend you use WebTitan Cloud DNS Filtering which automatically blocks phishing websites. Don't be the next victim.
DNS filtering is essential in protecting against web-based threats such as phishing and malware. Here we explain the risks, features, and benefits of DNS filtering and it can protect employees...
Uncover the dangers of workplace password sharing and outdated practices. Learn about secure alternatives like shared mailboxes and permissions and explore modern security practices in this must-read blog.
The imminent Cisco Umbrella Roaming Client End-of-Life has left many users uncertain about their next steps and exploring alternative DNS protection.
Sign-up for email updates...