URL obfuscation has long been a tactic of cybercriminals in their attempt to trick their potential victims. Yet again, another obfuscation technique has been observed by Team CTM360 to be on the rise – domain names being registered starting with “com-“, due to the ease of setting up a subdomain. An example of this would be “facebook.com- newstrending.co”, where the domain name is in fact “com-newstrending.co”.

Normally, such websites imitate the design of a legitimate URL and alter it by adding special characters and/or misspelled words making it closely resemble the original website. Preliminary analysis has revealed that approximately 68,000 domains have been registered matching this pattern. Domains beginning with ‘com-‘ were mostly found to be either phishing websites, fake news websites, or were being used to send out spoofed emails.

For further details, click the download button below!

Share this post

back to top