The Phishing season is on and it is year round because the phishing is so good with bogus domains as bait. Domain phishing is where hackers create domains that are nearly identical to a brand name website and most consumers will never know the difference until their credit card is used or they receive counterfeit products through the mail. Chris Olson, CEO at The Media Trust commented below.
Chris Olson, CEO at The Media Trust:
“Domain phishing is a pervasive issue throughout the digital ecosystem. Most businesses only worry about the brand damage consequences when a bad actor leverages their name to trick consumers. What you don’t hear much about is the increasing number of situations where bad actors do the same to trick other businesses–injecting a spoofed domain into an enterprise website. In fact, The Media Trust is currently alerting clients to this exact situation where a bad actor is actively spoofing a well-known payments platform used by many ecommerce sites. Appearing as legitimate code to the website operator, the spoofed domain surreptitiously collects consumer payment information. This happens more often than you think. Without identifying and authorizing the domains executing, the website operator won’t evaluate–let alone detect–the modified domain.”
About the Author
The opinions expressed in this post belongs to the individual contributors and do not necessarily reflect the views of Information Security Buzz.
