Security must include domain name protection, say experts

Detecting fake websites needs to be part of all companies' security strategies, say security and domain name experts

Detecting fake websites needs to be part of all companies' security strategies, according to security and domain name experts.

The warning came after a hoax targeted security services firm G4S that involved a bogus press release linking to a fake website.

The bogus press release said G4S had discovered errors in its accounts, and the company’s chief finance officer (CFO) Himanshu Raja had been dismissed.

The bogus press release on 12 November 2014 caused volatility in the security firm’s share price, which fell more than 3.5% before firming to close up 2.1% after the hoax was uncovered, reports the Telegraph.

Market commentators said the hoax could have been the work of short sellers attempting to profit from a fall in G4 shares.

The fake website’s address was registered on 30 October 2014 with the service Enom and was directed towards a server in Texas.

“Cyber criminals are well-versed in building copycat websites that look identical to the authentic versions and can cause serious damage to company valuations and hard-won reputations,” said Haydn Simpson, head of brand protection at NetNames.

Vigilance about brand exploitation

“It is not just banks that suffer from fraud, or luxury goods brands that suffer from counterfeiting online – all brands are vulnerable to exploitation.”

Simpson said the experience of G4S demonstrates the need for companies to remain vigilant about internet activity that can lead to brand damage.

“Companies must evaluate their online strategy on an ongoing basis and ensure that they remain protected," said Simpson.

“Brands need to understand the online environment and have the capacity to detect and enforce on fake sites using their brands, before issues like this come to public attention.” 

However, the issue of domain names is typically overlooked when designing an online security strategy, said Rob Cotton, chief executive at information assurance firm NCC Group.

“Making sure you’ve got the right internet domains is often dismissed by executives as simply a job for the marketing department, but we’ve got an incident here that’s affected share price – and that’s going to send tremors right up to board level,” he said.

How cyber criminals use fake sites

Cotton said vigilance in this regard is becoming increasingly important as cyber criminals now have more than 1,000 new generic top-level domains to exploit, such as .shop and .london.

In October 2014, security researchers uncovered a cyber espionage campaign against military, diplomatic and defence industry targets in the US, Europe and Pakistan, that included fake websites.

Although the campaign mainly used phishing emails, the attackers also compromised legitimate sites in Poland to redirect targeted visitors to a fake military contractor website.

The fake site was almost identical to the compromised legitimate website, designed to infect victims’ computers with information-stealing malware.

Read more on Hackers and cybercrime prevention