Retail Organizations Targeted with Phishing and Typosquatting Campaign

Due to the COVID-19 pandemic, there has been a steep rise in all kinds of online shopping and services. This rise has given hackers an opportunity to target retail organisations with phishing and typosquatting campaigns.

As the research shows, with better collection capabilities and an increase in online activity, there has been a noticeable rise in recent phishing campaigns compared to May 2019. Phishing attacks have increased by 83%, with the total number of attacks in 2019 being 4,319 versus 7,934 in 2020.

With the rise in typosquatting campaigns, major retail companies have seen a spike in registrations of domains that look like their popular brands, with top brands like Amazon being the most targeted. It is noted that 163 domains or subdomains pretending to be related to Amazon were registered from March 1 through April 30. Some of the malicious domains are designed to be used as fake websites, such as mail[.]amazon-login[.]online, while others are designed to be embedded in phishing emails, such as amazon-payment-declineds[.]theworkpc[.]com.
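
A defender-side check for the pattern described above, as an added example that is not from the original article: it flags hostnames that carry a brand token (exact or one character off) while sitting under a registrable domain the brand does not own. The allowlist, the small suffix set standing in for the Public Suffix List, and the function names are assumptions made for the example.

```python
import re

# Assumption: the brand's own registrable domains (constructed allowlist).
LEGIT = {"amazon": {"amazon.com", "amazon.co.uk"}}
# Assumption: tiny stand-in for the Public Suffix List; use the real list in production.
MULTI_LABEL_SUFFIXES = {"co.uk", "com.au", "co.jp"}


def refang(host):
    """Undo the [.] defanging used in threat reports and normalise case."""
    return host.replace("[.]", ".").strip(".").lower()


def registrable_domain(host):
    """Return the registrable domain (eTLD+1) using the small suffix set above."""
    labels = host.split(".")
    if len(labels) >= 3 and ".".join(labels[-2:]) in MULTI_LABEL_SUFFIXES:
        return ".".join(labels[-3:])
    return ".".join(labels[-2:])


def edit_distance(a, b):
    """Levenshtein distance, used to catch one-character misspellings of a brand."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(host):
    """Return (verdict, brand): 'legitimate', 'lookalike' or 'unrelated'."""
    host = refang(host)
    base = registrable_domain(host)
    # Brand names are usually glued to other words with dots, hyphens or underscores.
    tokens = [t for t in re.split(r"[.\-_]", host) if t]
    for brand, owned in LEGIT.items():
        if base in owned:
            return ("legitimate", brand)
        if any(t == brand or edit_distance(t, brand) == 1 for t in tokens):
            return ("lookalike", brand)
    return ("unrelated", None)
```

Both domains quoted in the article classify as lookalikes for Amazon, while hosts under the allowlisted registrable domains do not.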

Several malicious domains have been registered targeting retail services, luxury brands, food delivery services, etc. Because these domains look legitimate and identical to the real ones, hackers use them to build credibility and get users to submit their credentials, since customers' PII (personally identifiable information) is linked to their payment information.

ADCY.io recommends staying watchful and checking the legitimacy of emails and domains before giving out any personal or financial information.