Buying Phishing Domain Names

IconMikko from F-Secure made a quick research on the domain name market. They made some searches on and found out that they are reselling domains like, and According to Mikko and Sedo are more obviously fraudulent domains available, ready to run for a fake phishing web site:

In this article F-Secure also counted obviously fraudulent bank related domains in March 2006. They did a simple search across com/net/org/us/biz/info top-level domains for common bank names.

Keyword Number of domains
citibank* 497
bankofamerica* 407
lloyds* 994
bnpparibas* 41
egold* 691
hsbc* 1258
chase* 6470
paypal* 1634
ebay* 8057

This banks should monitor the domain market places and sue the seller for violating trademarks rigtht.

via F-Secure

3 thoughts on “Buying Phishing Domain Names”

  1. I forgot one thing to add:
    They are reselling accented domain names that have been created using letters „á“ and „í“ with an aposthrope instead of the normal „a“ or „i“ to create highly deceptive domain names like ví, pà and paypà Brave new world!

  2. Pingback:

Comments are closed.