New Research from Fortra Shows Average Brand Targeted by 40 Look-alike Domain Impersonations in H1 2023
August 2023 by Fortra
Cybercriminals register hundreds of thousands of look-alike domains every year to impersonate reputable brands and make a profit. These domains are used for a variety of attacks, including phishing emails, fraudulent websites, web traffic diversion, and malware delivery.
According to original research from Fortra’s PhishLabs, the average brand was targeted by nearly 40 look-alike domains per month in the first half of 2023, with attacks spiking in June. Additionally, for the first time since reporting on domain data, Fortra has seen cybercriminals favoring Country-Code Top-Level Domains over Legacy Domains when launching attacks.
Key findings from the research include:
• In H1 2023, the average brand was targeted by nearly 40 look-alike domains every month
• 77% of look-alike domains deemed malicious hosted phishing sites
• Cybercriminals are now paying to register look-alike domains after free registrations of top-level domains decreased by 80% in Q1 2023
• For the first time since reporting on domain data, Fortra has seen cybercriminals favoring country code top-level domains
• More than 62% of spoofed email display names impersonated well-known brands, including Microsoft and Google
• June 2023 marked a particularly difficult month, with look-alike domains jumping by 120% from May to June 2023. In this month, the average brand was targeted by 73 look-alike domains.