A new study by cybersecurity company Palo Alto Networks has found that the Royal Bank of Canada (RBC) is one of the top brands whose online domains are being copied by malicious actors to make fake websites.
Cybersquatting refers to the tactic of creating a website to look and feel like a legitimate website. The copying is not just limited to using the same logos and aesthetics of a real website – even the domain names of real websites are copied, relying on misspellings in order to trick users.
Palo Alto Networks reported that it had detected 13,857 squatting domains registered in December 2019 – an average of 450 per day. It was also found that 2,595 (18.59%) of the squatting domain names were malicious, which means they usually distribute malware or conduct phishing attacks on users. Another 5,104 (36.57%) squatting domains were found to present a “high risk” to users visiting them, since they have evidence of association with other malicious URLs within the domain, or were utilizing bulletproof hosting (a service which allows spammers to bypass anti-spam filters that would normally block their IP addresses).
According to the report, RBC is the third highest domain among the top 20 most abused domains in December 2019. RBC is topped only by PayPal and Apple, which are the first and second most abused domains, respectively. Netflix came in fourth, while LinkedIn was the fifth most abused domain by cybersquatters.
“When visiting these sites, users are often prepared to share sensitive information, which opens them up to phishing and scams to steal sensitive credentials or money if they can be deceived into visiting a squatting domain instead,” Palo Alto Networks said in its blog report.
It should be noted that while RBC is Canada’s largest bank, the banking company also has branches in the US and in 30 other countries, IT World Canada reported.