Cyberattacks are common nowadays, but threat actors use a simple yet effective technique that lures people into thinking it is legitimate and tricks them into a phishing scam.
It centers on the notorious "lookalike domains" found in different parts of the web, with a cybersecurity expert warning Gmail and Outlook users. Some phishing scams will immediately give users the "off" vibes, but some are meticulously designed to fool even those familiar with these kinds of attacks.
Lookalike Domains, Phishing Scams Rising in Gmail, Outlook
Jona Jaupi, a reporter for The Sun and a cybersecurity expert, reported that there is a rise in phishing scams today that center on lookalike domains too.
Lookalike domains are known for significantly copying or replicating a website but are not legitimate ones, best known for their phishing scams, malware, or other threats present.
The 2022 CSC Domain Security Report previously found that as much as three-quarters of the Global 2000 companies have yet to adopt key domain security features.
It claimed that 75 percent of these lookalike domains target the company they replicate, particularly its customers purchasing or engaging in their services.
'Alphabet Attack' Uses Homoglyphs to Seem Legit
The Sun called this the "Alphabet Attack," where threat actors use homoglyphs to fool people into thinking this is a legitimate website.
Take, for example, the small letter "l," which looks like a capital letter "I," that threat actors may change on a domain name and appear as if it is a legitimate one.
This sneaky attack manages to fool even those with keen eyes into thinking that this is the real deal. However, it is important to go directly to trusted websites or links whenever inputting one's details to avoid getting phished.
Phishing Scams and Cybersecurity Attacks
One of the most clever and conniving ways to bring users into divulging their personal and sensitive information online or via apps is with the infamous phishing scams deployed on different platforms.
In the early days of the Twitter verification changes, cybercriminals exploited this opportunity to enforce their scams via email, with people believing they were getting the blue checkmark.
There have been a lot of reported phishing scams throughout the months and years, with some of them centering on subscription-based services that ask users to renew their subscriptions to avoid attacks.
It is quite ironic that these hackers resort to these types of phishing scams, going as far as to use Norton's name in sending fake emails to its victims.
Cybercriminals are heartless and do not regard the law in their actions against others, with these phishing scams becoming more and more clever in victimizing the online world.
Now, they enforce their attacks via lookalike domains with the so-called "alphabet attacks," one that changes only one small thing but could damage a whole lot more for the user.