New research from Cado Security reveals that malicious actors are imitating tech companies in an effort to compromise corporate systems. Researchers discovered a typosquatting threat, in which malicious actors register domains that closely mimic an already existing domain. This is often done by replacing symbols with other, similar looking ones, such as swapping the letter ‘I’ for a lowercase ‘L.’ This subtle difference can deceive users into believing the fraudulent domain is the legitimate one, possibly luring users to a malicious site.
Researchers identified a fraudulent domain posing as Cado Security. However, the false domain was redirecting users to the organization’s legitimate domain, suggesting that malicious actors were likely setting it up for a future phishing attack.
Additionally, the malicious actors created an X (formerly Twitter) account associated with the domain to establish the appearance of authenticity. This included purchasing a Gold Checkmark, following users related to the organization and adding followers.
Researchers found that Cado was not the only tech company impersonated. Security leaders are encouraged to monitor domain registrations.
https://www.securitymagazine.com/articles/100953-new-research-malicious-actors-are-imitating-tech-companies