MISLEADING “COM-“ DOMAIN REGISTRATIONS
URL obfuscation has long been a tactic of cybercriminals in their attempt to trick their potential victims. Yet again, another obfuscation technique has been observed by Team CTM360 to be on the rise – domain names being registered starting with “com-“, due to the ease of setting up a subdomain. An example of this would be “facebook.com- newstrending.co”, where the domain name is in fact “com-newstrending.co”.
Normally, such websites imitate the design of a legitimate URL and alter it by adding special characters and/or misspelled words making it closely resemble the original website. Preliminary analysis has revealed that approximately 68,000 domains have been registered matching this pattern. Domains beginning with ‘com-‘ were mostly found to be either phishing websites, fake news websites, or were being used to send out spoofed emails.
For further details, click the download button below!