The case of rareble[.]com is quite similar to the rarbile[.]com or the others discussed in the above section. The domain looks similar to rarible[.]com and is a typosquatting scam. What differs is the scam we end up at. Unlike the previous ones, this one leads users to a fake sweepstakes/ gift cards scam page.
This paragraph is for readers who are not aware of the fake sweepstakes/ gift card scams. Scammers offer prize money or gift cards to a user after playing a game. On rareble[.]com it's a spin-to-win game. At the end of the game, the page prompts users to enter their personal information – name, physical address, phone number (occasionally credit card information) or redirects them to a survey page. The user will never receive the prize they were promised but will give away personal information to the scammers.
Here is a video showing how rareble[.]com is being abused to mislead users to a scam page
Trend Analysis
Here is the list of the typosquatting attacks we discussed in this blog so far:
Domain Registration Date
wwwrarible[.]com 26th March 2021
rarbile[.]com 1st March 2021
rareble[.]com 1st March 2021
rareible[.]com 19th February 2021
If you see the domain registration date column, you can quickly point out that they were recently registered. In the first part of this series, I claimed that the spike in suspicious domain registrations is a precursor to scams that will pop up. The typosquatting domains in this blog are a subset of the suspicious mentioned in the first part of this series.
read more (securityboulevard)
This paragraph is for readers who are not aware of the fake sweepstakes/ gift card scams. Scammers offer prize money or gift cards to a user after playing a game. On rareble[.]com it's a spin-to-win game. At the end of the game, the page prompts users to enter their personal information – name, physical address, phone number (occasionally credit card information) or redirects them to a survey page. The user will never receive the prize they were promised but will give away personal information to the scammers.
Here is a video showing how rareble[.]com is being abused to mislead users to a scam page
Trend Analysis
Here is the list of the typosquatting attacks we discussed in this blog so far:
Domain Registration Date
wwwrarible[.]com 26th March 2021
rarbile[.]com 1st March 2021
rareble[.]com 1st March 2021
rareible[.]com 19th February 2021
If you see the domain registration date column, you can quickly point out that they were recently registered. In the first part of this series, I claimed that the spike in suspicious domain registrations is a precursor to scams that will pop up. The typosquatting domains in this blog are a subset of the suspicious mentioned in the first part of this series.
read more (securityboulevard)
