Cybersquatting, a method of tricking victims into visiting malicious websites, has reached record highs in 2022, new reports have claimed.
Data from the World Intellectual Property Organization (WIPO) analyzed by Atlas VPN found 5,616 cybersquatting disputes filed with the organization this year, representing almost a 10% increase compared to 2021.
Cybersquatting is a method in which crooks try to leverage typos (or recklessness) to have people visit their malicious websites. There are various formats of cybersquatting, including typosquatting, combosquatting, and others.
Typosquatting variants
Typosquatting, arguably the most popular among the methods, has threat actors registering domain names seemingly identical to the ones belonging to legitimate businesses. So, for example, Amazon might be Anazon, Amazom, while Netflix could be NetfIix (there is a capital i instead of the letter L).
Combosquatting is also a popular technique and revolves around combining the domain name with an extra word such as “payment”, “support”, or similar. So, for example, Amazon might be amazon-support.com, while Netflix could be netflix-payment.com.
With cybersquatting, threat actors are banking on two things: either people will mistype the address on their own, or the crooks share the link via email, or social channels, and hope no one notices the typo or the obvious fake domain name. The malicious websites are designed to look identical to their legitimate counterparts, and are built to steal identity and login data.
The number of cybersquatting complaints has been steadily rising over the years, Atlas VPN further claims. Compared to the year 2000, there’s been an increase of 202% in cybersquatting disputes. The total number of complaints has exceeded 61,000, in that time period.
One of the bigger, and more recent campaigns, included an unknown threat actor that set up more than 200 malicious domains and impersonated more than two dozen global brands to distribute all kinds of malware for both Android and Windows operating systems. Some of the brands impersonated in the attack included PayPal, SnapChat, TikTok, and others.