1. Welcome to DNTrade. If you want to find out about the latest domain name industry news or talk, share, learn, buy, sell, trade or develop domain names - then you've come to the right place. It's a diverse and active community, with domain investors, web developers and online marketers - and it's free! Click here to join now.
    Dismiss Notice

Fake Google IDNs Used in Magento Skimming

Discussion in 'General Domain Discussion' started by chris, Jul 28, 2019.

  1. chris

    chris Administrator

    Joined:
    Mar 7, 2010
    Messages:
    2,500
    Likes Received:
    1,123
    auDA Member:
    Yes
    Another example of domain trust being abused by the bad guys, in this example it's card skimming attack on Magento ecommerce sites.

    Tools like dnstwist are very effective at generating look-alike domains so you can track them down, but throw in gTLDs and it becomes almost impossible (.goog, .google google.whatever etc.).

    You can check the full article here: https://threatpost.com/google-sites-card-skimming-thieves/146694/

    Seems like we're seeing a lot more of these in recent months.
     
    Scott7, Suzabro and Data Glasses like this.
  2. Suzabro

    Suzabro Administrator

    Joined:
    Jul 18, 2012
    Messages:
    721
    Likes Received:
    285
    Scary stuff
     
  3. chris

    chris Administrator

    Joined:
    Mar 7, 2010
    Messages:
    2,500
    Likes Received:
    1,123
    auDA Member:
    Yes
    On some screens you can see the difference, but depending on the size and font it can look identical.



    idn.png
     
    Scott7 and Data Glasses like this.
  4. Data Glasses

    Data Glasses Membership: VIP

    Joined:
    Jun 26, 2008
    Messages:
    6,785
    Likes Received:
    1,135
    It used to be you had to put a Url into caps on Sedo just to make sure it wasn't an Idn
     
    chris likes this.
  5. Scott7

    Scott7 Membership: Trader

    Joined:
    Jan 21, 2013
    Messages:
    1,014
    Likes Received:
    796
    Great info, Chris. Similar crypto theft scams involving fake hardware wallet sites are on the increase too. Main thing there is never to enter your seed words using a keyboard. Always enter them on the hardware wallet itself.
     
    chris likes this.
  6. eg73

    eg73 Membership: Community

    Joined:
    Jun 4, 2014
    Messages:
    286
    Likes Received:
    158
    auDA Member:
    Yes
    What will we have next..
    dntrade.com.au
    dntrade.au
     
    chris, Scott7 and Data Glasses like this.
  7. Data Glasses

    Data Glasses Membership: VIP

    Joined:
    Jun 26, 2008
    Messages:
    6,785
    Likes Received:
    1,135
    I can't confirm but I believe chis has opted for DnTrade.Tv
     
    chris and Scott7 like this.
  8. chris

    chris Administrator

    Joined:
    Mar 7, 2010
    Messages:
    2,500
    Likes Received:
    1,123
    auDA Member:
    Yes
    Scott7 likes this.