People loathe the idea of destruction, particularly when it is the destruction of property or of life one is talking about. The destruction of the good name of a person, however, is a completely different matter. Identity is something that is very dear to every human being, and we strive to protect our identity at all cost. The same rings true in the web space.
A domain is a unique identity of who/what you are on the Internet. According to statistics globally, most organizations and individuals are ‘going digital’ that is, carrying out their businesses online e.g. e-commerce. This has led to there being a lot of Cyber space attacks, and one of them is through creation of Fake Domains.
What is a Fake domain?
This is the imitation of a legit/real domain by malicious individuals to impersonate a person or entity for purposes not limited to defrauding for monetary gains and carry out malicious activities such as harvesting personal identifiable information (PII), defamation, spoofing, phishing and deploying of malicious software.
Common characteristics of a fake domain
With the uniqueness afforded to a domain name that is legit, there are some telltale signs and characteristics that one can us to identify a fake domain. They include:
- Homograph Attacks – Using different characters to construct a malicious domain that looks similar to a legitimate domain.
- Combo squatting – Combining recognizable brand names with other keywords to create fake domains.
- Domain phishing – is a scam to trick email recipients into handing over their account details via links in emails posing as their registrar.
- Typo-squatting – Common misspellings or typos. It includes hijackers register misspelt versions of a genuine domain name to send the traffic to malicious sites.
How to recognize a Fake Domain
It is not easy to identify a fake domain unless one is very keen. Below are tips on how to recognize or check if a domain is fake;
- Pay attention to the URL.
- Check connection security indicators. i.e. https(secure and good), http(not-secure and not good)
- Look at the contact section. Majority of fake domains give scanty information about an organization/person
- Overabundance of ads.
- Check the digital footprints. e.g. the reviews.
- Check and verify the WHOIS details of a domain.
- Check the shipping and return policy for the e-commerce businesses.
- Check out for the payment methods.
So the question then becomes, “how do I navigate through these issues?” Well, good practices and habits come into play. Form these habits and you might be much the wiser in dealing with fake domain accounts.
- Avoid clicking links to download suspicious content. Not everything that invites you to “click here” is friendly or even beneficial. Truth be told… You might find yourself saving time just avoiding them anyway.
- Install a reputable antivirus software and keep it updated. The internet is dynamic and not static. That means there will always be something new on the internet. That includes threats. Therefore… Don’t ignore those updates.
- Do not share your personal identifiable information (PII) online. Consider this as your personal space. You wouldn’t want everybody crowding your space.
- Do not open suspicious texts, pop-up windows or click on links or attachments in emails. Real life application is… you wouldn’t enter a van with no windows and a questionable driver. Would you?
- Always use a strong password. Avoid auto saving. You determine your own security. Don’t be lax about it.
- Be vigilant and always check for authenticity of a website or email. It doesn’t take much of your time.
- Beware of any requests for your details or money. Be cautious. Better safe than sorry.
- Be wary of unusual payment requests. Always check through those payment terms and conditions. It wouldn’t hurt talking to your bank rep about these issues.
- While using public Cyber cafes always ensure to logout from your accounts .i.e. Facebook, emails.
- Having monitoring systems in place that help detect any malicious/fraudulent attacks.
- Apply for domain privacy protection.
Users should always be on the lookout for any suspicious activities online. Any suspicious activity should be reported to the relevant authorities for action.
It is also the responsibility of every individual/entity to take adequate protection against all forms of online attacks. One of them is by practicing the above recommended best practices to avoid falling prey to malicious attackers.
With that said… in regard to fake domain names… Shakespeare said it best.
“Good name in man and woman, dear my lord,
Is the immediate jewel of their souls:
Who steals my purse steals trash; ’tis something, nothing;
’twas mine, ’tis his, and has been slave to thousands;
But he that filches from me my good name
Robs me of that which not enriches him,
And makes me poor indeed.”
― William Shakespeare, Othello