Taking Down Fake Websites & Domain Names

12 October 2023

This blog delves into the intricate workings of fake websites and how they exploit similar domain names to well-known brands, deceiving customers in the process.  We also take a look at the immediate steps brands can take to get infringing domain names and websites suspended or if that fails, some methods to disrupt a dodgy website.

Utilizing Domain Names in Phishing Attacks

Domain name phishing exploits the trust and credibility associated with renowned brand names, manipulating users into engaging with malicious websites, which often leads to unauthorized data access or financial loss. Attackers commonly utilize strategies like typosquatting – registering domains with intentional misspellings or variations of legitimate brand names and combosquatting, which involves appending common words to brand names to create seemingly related domains. These deceptive domains host websites that are meticulously crafted to mimic authentic platforms, acting as bait to lure users into revealing sensitive information under the pretense of legitimate interaction.

The Strategic Deployment of Fake Websites

Scammers strategically deploy fake websites to mimic legitimate platforms, creating a digital façade that convincingly deceives users into interaction. The deployment involves replicating visual elements, such as logos and user interfaces, and crafting content that emulates the tone and style of the original platform, while embedding malicious code or forms to harvest user data. These websites might be hosted on deceptive domains that utilize typosquatting or combosquatting to appear related to the genuine brand, further enhancing their semblance of legitimacy.

Actions to Take Upon Discovering a Malicious Domain Name or Website

When brands discover fake domain names and websites attempting to impersonate them, it’s imperative to act swiftly to safeguard both the brand and its customers. This section provides a straightforward guide on how brands can attempt to disable these fake sites:

– Suspending the Domain Name: Registrar suspension of a domain name, especially in the context of domain name abuse, refers to the temporary deactivation of a domain, rendering it inaccessible on the internet. According to the Registrar Accreditation Agreement (RAA) established by the Internet Corporation for Assigned Names and Numbers (ICANN), Registrars have obligations to address and mitigate domain name abuse. When a domain is identified as being used for malicious activities, the Registrar is responsible for investigating and addressing these issues, which may include suspending or deleting the domain name.

– Suspending the Hosting: To remove the content of a fake website, it’s crucial to gather comprehensive evidence that substantiates the claim of the website being fake or involved in malicious activities. Once the evidence is compiled, the host can be contacted through their abuse report or support channels, providing them with detailed information and documentation that demonstrates the illicit nature of the website.

– Delisting a Website in Google: Most search engines provide a safe browsing reporting page to report phishing and fake content. If a website is impersonating your business, you can also use Google’s legal removal requests to delist the fake page in search.

–Disrupting Payments and Services: If the Registrar or Host is slow to suspend the infringing domain name or website, consider disrupting their operation by interrupting services on the website. If a payment gateway, such as PayPal, Stripe, or Square, is being used, navigate to the provider’s official website, locate their reporting channels, and submit a detailed report. Explain how the phishing website is misusing their payment gateway for fraudulent activities. Similarly, you can hinder a fraudster’s ability to harvest data by having their online forms and website content suspended by reporting phishing attacks to the relevant CMS. For instance, when WordPress.com, which holds about 60% of the market share, identifies or receives a report about online forms engaged in phishing on a website hosted on its platform, it takes immediate action to protect users and maintain internet safety.

The persistent issue of fake websites and deceptive domain names requires ongoing attention and action from both brands and consumers. It is imperative for brands to implement stringent cybersecurity measures and for users to navigate the internet with heightened awareness and skepticism towards unfamiliar online platforms. Through collective diligence and adherence to cybersecurity best practices, the impact of these malicious online entities can be significantly mitigated.