New document available on the Nameshield’s website: “5 minutes to understand – Abusive domain names registrations

5 minutes to understand - Domain names - Nameshield

The digital world is in perpetual evolution and every days, new domain names are registered around the world.

Among these new registrations, some can potentially affect your notoriety, your activity, and your results. Fraudsters, through these abusive domain names registrations, seek to benefit from your notoriety as quickly as possible.

Find in this “5 minutes to understand” document, available for download on the Nameshield’s website, the different practices of abusive domain names registrations that can affect your brand and the actions to take depending on the infringement caused to the brand.

“Win an airline ticket with a value of 500€” or other online scams attempt

Recently, many frauds campaigns offering free Nike shoes here and IKEA vouchers of 500€ there have been going on. Last case in date, a fraudulent e-mails campaign announcing the winning of airline tickets with a nice value of 500€, graciously offered to the winners of a supposed contest proposed by Air France airline company. This scam has circulated around France and was shared on social networks, by e-mails and even relayed on WhatsApp.

A misleading typography: typosquatting

If we look at the e-mail in question, the link www.airfrạ, inserted in the message, seemed to correspond to the official website address of Air France. Except for one little detail… The “a” of France is not a “a” of Latin alphabet but the “ạ” of Vietnamese alphabet. A single dot close then! Amazing case of typosquatting, a practice misleading web users by replacing, adding or deleting a letter in a domain name with the famous brand. Without enough vigilance, web users while thinking they are on a trusted website, could click on the link and find themselves redirected towards a page totally independent of the official website of the brand. On this page, a form to fill with their precious personal data in order to have a chance to win free tickets in this case. A confirmed scam.

The aim of these phishing and frauds campaigns is to collect as many personal information as possible. In other words, the identity thieves, the source of this kind of online attacks seek to obtain the e-mail, phone number and all interesting data of the tricked Internet user.

It was after the alert by Zataz website was sent, that Air France confirmed that it was indeed a fraud. It also encouraged web users to not consider this kind of message. It is also important to specify that the official website of the airline company is secured and authenticated by an SSL certificate, the browsers displaying the

What to do in front of these attacks and how to prevent them

The first reaction to adopt is wariness on the user’s side. The more the offer and the benefit are attractive, the more cautious you should be. Don’t communicate your personal data via a form or by return of mail without checking beforehand the request’s authenticity.

Always check the final URL of the page on which you are redirected, be attentive to the typography. Generally, only the information on site are official. An SSL certificate presence and the proprietary data displaying are also good indicators.

On the brands owners’ side, a naming and defensive registration strategy allows to best protect its users. The efficient monitoring implementation will also allow to detect phishing attempts as soon as possible and to take action early in order to stop them.