NameSilo

How Attackers Used Look-Alike Domains to Steal $1 Million From a Chinese VC

Labeled as news in General Domain Discussion started by dncafe, Dec 8, 2019.

Replies:
3
Views:
261

  1. dncafe

    dncafe Upgraded Member Blue Account ★★★★★★★★★★

    Posts:
    1,250
    Likes Received:
    235
    Full article: https://www.darkreading.com/attacks...-$1-million-from-a-chinese-vc-/d/d-id/1336547
     
    The views expressed on this page by users and staff are their own, not those of NamePros.
  2. Not a robot

    Not a robot Established Member

    Posts:
    112
    Likes Received:
    119
    Companies need to vigilant.

    I have heard another case a while ago where a rough employee sends an e-mail to a customer about bank account. Several misdirected payments were made before it was discovered.

    B2B scam can’t be hard to detect. We use G Suite and Gmail would warn you if it senses something suspicious, but an employee who’s untrained in security or in a hurry could outright discard the warning. Admins can manually setup filters, but it took foresight and a lot of manual action on mail queue.

    There is always a problem of misdirected mail, especially if you don’t have a .com domain. It’s easy to direct a mail to .com or .co if your extension is .cc . Even company employees can make such mistake when CC’ing colleagues. It’s a problem when people don’t check mail bounce message. It’s a bigger problem when admins set up catch-all mail account so there isn’t a bounce message.

    And also exact-match .com can be either too expensive or already used by someone else.
     
  3. lock

    lock PremiumNameDomain.com VIP

    Posts:
    3,508
    Likes Received:
    3,190
    Totally acceptable apparently as long as IDN is disclosed and nobody researches. No attack is required to fake a domain.
     
    Last edited: Dec 12, 2019
  4. lock

    lock PremiumNameDomain.com VIP

    Posts:
    3,508
    Likes Received:
    3,190
    I have had mail hijacked sites hacked is awful experience when email especially with emails sent.
     

Want to reply or ask your own question?

It only takes a minute to sign up – and it's free!
Topics / Tags:
NameWorth
  1. NamePros uses cookies and similar technologies. By using this site, you are agreeing to our privacy policy, terms, and use of cookies.
    Dismiss Notice
Loading...