Fraudsters are continuously coming up with new ways to lure targets for monetary gains or to collect personal information (like Full name, email, telephone or bank account details etc.). Team CTM360 has recently identified a very new technique that is perpetrating various existing scams like Advance Fee Fraud, Fake survey scams, Phishing, TRAP 10 (binary option fraud) and engaging in bogus activities on social media platforms. This type of attack is achieved via Mutated domains and URLs.
What is Domain and URL Mutation?
To deceive target users/victims, scammers have now come up with a very simple and effective way in which they register domains starting with “com” followed with a hyphen “-” and a trailing word (e.g. com-news, com- newsbulletin) which is in fact the domain name. Such type of domain becomes an effective deception mechanism when the scammer starts adding as many subdomains/directories to it. For example, cnn.com-news.co or bbc.com- newsbulletin.co. Such type of attack using misleading domains is what we refer to as a Mutant domain/Domain Mutation. Some other variations of mutant domains are as follows:
As observed, scammers have picked upon a sequence or a pattern to register such domains. The attack is then followed by presenting a false story/content to its target users/victims that acts as the initial bait which is the scammers modus operandi.