Internet security

The word “Impostor” means “Phony, fraud, sham, pretender, cheat.”

Nobody likes to be taken advantage of or to have their hard work stolen. Unfortunately, this is a crime that has been committed for centuries, and the cyber world is no exception. And while many people are aware of hacking, scams, and ransomware attacks, there are two additional ways that criminals are using the web – creating impostor domains and email spoofing, also known as Business Email Compromise (BEC).

In recent weeks, the crime of Impostor Domains has made tech headlines. Impostor Domains, also known as a homoglyph, are defined by Glosbe as “a character identical or nearly identical in appearance to another, but which differs in the meaning it represents.” Microsoft defines the word as “the exploitation of similarities of alphanumeric characters by cybercriminals to create deceptive domains for unlawful impersonation of legitimate organizations.” The use of impostor domains is similar to another malicious practice is known as Typosquatting or URL hijacking, in which hackers intentionally register domains of well-known websites but with the domain intentionally misspelled.

One cannot go anywhere currently without Covid-19 being a part of the conversation. From retailers, restaurants, offices and places of worship, everyone has been affected. And, not surprisingly, the unscrupulous (hackers, phishing scams, and malware) on the Web have also found a way to take advantage of Covid-19.

Hackers, scammers, and others have become so prevalent that Cloudflare (based out of the UK) recently reported that that online security threats have increased by 37% in just four weeks. In fact, Cloudflare reported that on some days it was blocking between four and six times the number of attacks normally seen! It was also noted by Google that in mid-April that every day there were over 18 million malware and phishing emails related to the pandemic. In addition, the organization behind Trickbot sent out hundreds of emails claiming to be from volunteer and humanitarian groups who offered testing and to have information regarding testing and medical advice. The Trickbot emails contained an assortment of attachments all designed to install malware onto the computer of anyone who opened it.

According to the 2019 Cybercrime Magazine study, website hacking will cost the world $5 trillion by 2021 -this is up by $3 trillion since 2015. Furthermore, cybercrime attacks are the fastest growing crimes in the U.S. Worse, the hackers are becoming more skilled and sophisticated than ever before. To put this in perspective, consider this: There are 111 billion lines of new software code written each year – meaning a significant amount of coding that can be exploited by hackers and more risks to your website’s security.

In our last article, we talked about what to do to prevent a breach in cyber security. But what if you have already been the victim of a scam or malware attack? How do you move forward and protect yourself and your clients from being victims at a later date? The feelings associated with a cyber-attack range from disbelief to denial, anger, embarrassment and ultimately, being ready to take action.  The one thing you don’t need to do is PANIC.