Spoofers Love Cheap Domains: Here’s How To Protect Your Business

Last year, cybercrime statistics revealed some startling numbers. As of August 2024, there has been a nearly 40% rise in phishing attacks compared to the previous year, and much of it is happening on new generic top-level domains (gTLDs) like .shop , .top , and .xyz . These gTLDs are cheap and come with minimal registration barriers, making them attractive to cybercriminals. 

But fear not—in this article we will cover three strategies to help keep your brand safe from these types of attacks.

---

Why Do Spoofers Love Certain gTLDs?

First, let’s talk about gTLDs. These are the common endings of web addresses, such as .com or .org. New gTLDs were created to give us more options, but they come with a downside:

Spoofers—those who create fake sites to mimic legitimate businesses—are increasingly targeting specific gTLDs (generic top-level domains) like .shop , .top , and .xyz for their phishing attacks. But why exactly do these domains appeal so much to cybercriminals? Let’s break it down and look at a simple example to illustrate their strategy.

• First: Affordability. Many of these new gTLDs are easy on the wallet, allowing scammers to purchase them in bulk. This lowers the risk for them while increasing their potential reach for perpetrating mass attacks. 
• Second: Accessibility. The process to register these domains is very straightforward. Unlike heavily secured domains (such as .bank), many new gTLDs have little-to-no requirements or verification checks. This means spoofers can mask their true intent with minimal oversight, making it a breeze to set up shop quickly, without revealing their identity.
• Finally: Availability. Some companies don’t do the easy work of registering their brand name across multiple domains. With so many gTLDs left open, it only takes seconds for spoofers to find a domain that mirrors a legitimate business.

Imagine a reputable online retailer named “ShopBest.” While they own the domain shopbest.com, what’s stopping a spoofer from grabbing shopbest.shop?

So a spoofer registers shopbest.shop and meticulously replicates the authentic ShopBest website. They mimic the design, swipe the logo, and copy each page word for word. Next, they launch a phishing campaign, sending out emails crafted to look like genuine ShopBest promotions. These emails contain tempting offers and prompt recipients to click on the shopbest.shop link.

Now, put yourself in the shoes of a trusting customer. Seeing the familiar branding and deals, you decide to check it out. You land on what appears to be the ShopBest site and proceed to enter your payment information, unknowingly handing over your sensitive data. The spoofer walks away with your card details and personal information, leaving you vulnerable to identity theft and fraud.

As a business, you can’t risk this kind of security breach. Once an attack like this takes effect, the clean-up process can be devastating. The best protocol for handling phishing and spoofing is by taking steps to prevent it in the first place.

So, what can you do to stay a step ahead?

---

Build Your Domain Portfolio

An easy way to start bolstering your brand security is by building out your domain portfolio.

A domain portfolio is a collection of domain names related to your business across various gTLDs. By snapping up similar domain names, you prevent bad actors from imitating your business. This protects your reputation and keeps customer trust intact. Plus, many of these domains are fairly cheap, meaning it’s easy to take the lowest priced ones off the market – with minimal cost to your business.

Building your domain portfolio is a great starting point. But there are some downsides to taking no further action. For one thing, you have to keep a watchful eye on which domains are available, on sale, or trending. And worse, if you miss something and end up leaving a domain on the market, it can still be snatched up by cybercriminals. 

But don’t worry, there are other solutions. 

---

Use A Domain Monitoring Service

Once you’ve established a strong domain portfolio, the next line of defense is a domain monitoring service. These services act as an alert system, notifying you of any registration attempts on domains resembling your brand. The domain landscape changes rapidly—new gTLDs pop up, and cyber threats evolve. Staying informed is your first step in keeping your business secure.

Here’s how a domain monitoring service can protect your business:

1. Real-Time Alerts: Immediately get notified if someone attempts to register a domain that closely matches your brand. This proactive measure allows you to take swift action and mitigate potential attacks before they affect your customers.
2. Activity Reports: Access detailed reports on domain activities that concern your brand, providing insights into trends and potential threats. Understanding these patterns can help shape your future defense strategies.
3. Custom Notifications: Tailor notifications to focus on specific keywords, gTLDs, or regions where your business is most vulnerable. This customization ensures your monitoring efforts are efficient and relevant.

Integrating a domain monitoring service into your security strategy helps maintain peace of mind, knowing that you’re one step ahead of potential threats. At 101domain, we offer expert brand monitoring services grounded in our extensive knowledge of every domain on the internet.

---

Implement GlobalBlock

Beyond monitoring, you could consider taking a more aggressive approach with GlobalBlock. This tool allows businesses to preemptively block their brand name across numerous gTLDs at once, essentially freezing out spoofers by rendering these domains inaccessible for malicious registration.