The New Scam For Stealing Websites: Domain Phishing

The New Scam For Stealing Websites: Domain Phishing

Phishing is one of those scams increasingly present in our country and in other countries and you can’t do much for it to be solved unless pay attention and be careful.
In fact, it is based on registering a domain similar to one that already exists, usually banking institutions, prompting the user to enter their credentials in a fake site, from which they are recovered and their money stolen.
After years of online scams, practically everyone, even the most inexperienced users, now know that we must pay attention to email phishing. These are all those techniques that try to make you put your credit card number and password on a fake site, disguising itself as an official body that requests them, and we all know by now that this information should not be given to anyone, because nobody can ask us for any reason.

But in the recent months a new scam known as domain phishing has been making headway, which is basically the same thing as normal phishing, but with domains. Seriously, emails arrive asking to enter our name and password for access, and whoever enters, sees the domain completely tampered with; note that this technique takes much more than we think, well we explain why.

The targeted are small and medium-sized companies, those who cannot afford the IT experts. One would think that if a person has the skills to buy a web domain he will also have those to avoid phishing but this couldn’t be further from the truth. After the purchase, perhaps carried out on our behalf by a web designer, the management of the site ( which then maybe not even touched) is entrusted to any employee who deals with anything else, perhaps a company secretary. You see in front of an email something like: ‘Hello, we are from the Google Search Engine, your subscription to our service is about to expire for updating the databases. If you want to continue appearing on Google’s search results, you must provide us with your data …’
For a person who understands the environment, there is no problem in understanding that this email is senseless and a scam, because there is no registration with Google and, above all, it does not expire. But for the poor employee of a small company, who thinks that people who use Google for their searches, will never find it again, it is alarming news, which often pushes them to do just what they shouldn’t do.

In short, it is a technique that, like many, is based on ignorance, but in recent weeks several websites have been tampered with, so it is good to pay attention to these emails, especially if, for work, you deal with the creation and management of sites for third parties, this article should go out there, because people who are not in the sector could run into very unpleasant consequences.