Cybercriminals Create 57,000 Fake Sites Each Week

wiredmikey writes "In a recent investigation, it was discovered that cybercriminals are creating 57,000 new 'fake' websites each week looking to imitate and exploit approximately 375 high-profile brands. eBay and Western Union were the most targeted brands, making up 44 percent of exploited brands discovered. Visa, Amazon, Bank of America and PayPal also heavily targeted by cybercriminals. Banks comprise the majority of fake websites by far with 65 percent of the total. Online stores and auction sites came in at 27 percent, with eBay taking the spot as the No. 1 most targeted brand on the Web today."

Re:Cost?

[DriedClexler]

Oh, I am completely sure that this isn't profitable, because registrars and ICANN would crack down on it immediately, and credit card companies would quickly reverse fraudulent puchases made on these websites, and then pass on the fraudsters' information to law enforcement, allowing them to swiftly shut down these operations.

*jerk-off gesture*

Is someone working on fixing this?

[kheldan]

I know that DNS vulnerabilities are being addressed finally. Wouldn't a good next step be to eliminate domain registrars that allow these sorts of sites to get created in the first place?

Comment removed

[account_deleted]

Comment removed based on user account deletion

You can thank your favorite registrars there...

[damn_registrars]

The registrars could do their part to shut down the bogus websites faster - by invalidating the WHOIS records - but they don't. Of course, we all know why they don't; it's because they make money by chosing to not do that. Of course if you read into the existing WHOIS records for the bogus websites you'll find that quite a few of them already have bogus WHOIS data; often the only part that means anything is the DNS referral, which shows quickly whose side the registrars are on.

If our good friends at ICANN actually gave half a shit about the problem they would crack down on complacent registrars, but that isn't very profitable for them, either.

sure...

[damn_registrars]

Wouldn't a good next step be to eliminate domain registrars that allow these sorts of sites to get created in the first place?

I agree whole-heartedly that something should be done about the crooked and complacent registrars. The problem is, who should take the action? The most logical step is ICANN, since they handle registrar accreditation, except they have shown repeatedly that they will not take any meaningful steps. And of course, ICANN only does accreditation for registrars of the largest TLDs (for now), so anything from another country's list of TLDs is beyond their jurisdiction (and soon pretty much everything will be beyond their jurisdiction).

So if ICANN won't do it, who then should? It is pretty well impossible to take legal action against the registrars and expect anything meaningful to come of that, so unless you want to advocate vigilante justice you're just SOL.

Re:You can thank your favorite registrars there...

[Phrogman]

Which is why some Government agency and not ICANN should be administering the domain names, or at the least some governing body with members posted from each of the major nations on the net or something.

Grammar, please

[Anonymous Coward]

"Visa, Amazon, Bank of America and PayPal also heavily targeted by cybercriminals." Please, please, for the love of god, grammar check your submissions. I am a proud grammar nazi because it really hurts my brain when I have to read a summary that contains a sentence that is missing a verb. How does this even get posted like this? Something is wrong here.

Re:You can thank your favorite registrars there...

[John Hasler]

Because there is no chance at all that government would misuse control of DNS...