Buying Phishing Domain Names

IconMikko from F-Secure made a quick research on the domain name market. They made some searches on Sedo.com and found out that they are reselling domains like chasebank-online.com, citi-bank.com and bankofameriuca.com. According to Mikko and Sedo are more obviously fraudulent domains available, ready to run for a fake phishing web site:

americanexpress.cc
americanexpresscredicard.com
amex.cc
citi-bank.info
citibanconline.com
ccitibank.com
paypal-antifraud.com
chasebank-online.com
chase-bank-credit-card.info
bank-of-america.be
halifax.uk.com
httpwwwhotmail.com
https.in
hsbc-internet-banking.info
post-bank.com
mastercard.name
mastercarding.com
natwestbank.net
visacard.us
visacardcredit.com
wwwbankofchina.com
wwwcitifinancial.ca
wwwpaypal.ca
www-e-bay.de
www-ebay.es
wwwmastercard.com.br
wamubamk.com
wamu-online-banking.info
atmmastercard.com

In this article F-Secure also counted obviously fraudulent bank related domains in March 2006. They did a simple search across com/net/org/us/biz/info top-level domains for common bank names.

Keyword Number of domains
citibank* 497
bankofamerica* 407
lloyds* 994
bnpparibas* 41
egold* 691
hsbc* 1258
chase* 6470
paypal* 1634
ebay* 8057

This banks should monitor the domain market places and sue the seller for violating trademarks rigtht.

via F-Secure

3 thoughts on “Buying Phishing Domain Names”

  1. I forgot one thing to add:
    They are reselling accented domain names that have been created using letters “á” and “í” with an aposthrope instead of the normal “a” or “i” to create highly deceptive domain names like vísa.com, pàypal.com and paypàl.com. Brave new world!

  2. Pingback: geschonneck.com

Comments are closed.