Cybersquatting, a method of tricking victims into visiting malicious websites, hit an all-time high in 2022, according to a new report.
Data from the World Intellectual Property Organization (WIPO), analyzed by Atlas VPN, found that the organization received 5,616 cybersquatting disputes this year, an increase of nearly 10% compared to 2021.
Domain squatting is a method by which scammers try to use typos (or recklessness) to get people to visit their malicious websites. There are many forms of domain name squatting, including domain name phishing, combined domain name squatting, etc.
Domain squatting variants
Phishing is arguably the most popular of these methods, allowing threat actors to register domain names that appear to be identical to those of legitimate businesses. So, for example, Amazon might be Anazon, Amazon, and Netflix might be Netflix (capital i instead of L).
Combosquatting is also a popular technique that revolves around combining domain names with additional words such as “payment,” “support,” or similar. So, for example, Amazon might be amazon-support.com, and Netflix might be netflix-payment.com.
With cybersquatting, threat actors hope for two things: either people type in the wrong address themselves, or scammers share the link via email or social channels and hope that no one notices the misspelling or obvious fake domain name.Malicious websites are designed to look identical to legitimate websites and are designed to identity theft and login data.
Atlas VPN further claims that the number of cybersquatting complaints has been steadily rising over the years. Compared with 2000, domain name squatting disputes increased by 202%. During this period, the total number of complaints has exceeded 61,000.
A larger, more recent campaign included an unknown threat actor setting up more than 200 malicious domains and impersonating more than two global brands to distribute a variety of malware for the Android and Windows operating systems. Some of the brands impersonated in the attack include PayPal, SnapChat, TikTok, and more.