Some 324 high-risk domains were spotted online

May 3, 2017 12:30 GMT  ·  By

Hackers have registered over 300 domains with names similar to those of several popular British banks, which they use to trick customers into handing over personal details or login data. 

According to DomainTools, a company handling domain names and DNS-based cyber threats, 324 such domains were discovered only in relation to banks in the United Kingdom, namely Barclays, HSBC, Natwest, Lloyd's and Standard Chartered.

For its discovery, the company used its PhishEye tool which allows users to search for existing bad new domains that spoof legitimate brand, product, organization, or other names.

"Imitation has long been thought to be the sincerest form of flattery, but not when it comes to domains. Domain squatters use squatted domain names to administer and run phishing, drive-by download, or revenue-generating adware campaigns," said Kyle Wilhoit, senior security researcher at Domain Tools.

According to him, many of these types of domains will simply add a letter to a brand name, which may go undetected by the user. Others will add additional letters on either side of a brand name with the same end result.

Small investment, safer clients

"Also, brands can and should start monitoring for ‘phishy’ domain name registrations in order to defensively register their own typo variants. It is much better to own your own typo domains than to leave them available to someone else and at an average of £12 per year per domain, this is a relatively cheap insurance policy," Wilhoit added.

Users are, of course, advised to always check the name of the domain they've entered to make sure it's correct. It's always best to check for extra letters, dashes, reverse letters, plural or singular forms of the domain or "rn" masquerading for "m."

The company found 74 high-risk domains with names similar to Barclay's, 110 with names similar to HSBC, 22 for Lloyd's, 66 for Natwest, and 74 for Standard Chartered.