
How Domain Fraud Facilitates Phishing


Domain identity fraud (often called domain spoofing) is a tactic used in phishing attacks to trick users into believing a fake communication or website is from a trusted source. Attackers "fish" for sensitive data by casting deceptive digital lures, hoping victims will "take the bait" and reveal information like passwords, credit card numbers, or social security details.

 


How Domain Fraud Facilitates Phishing
Scammers use several techniques to make their fraudulent domains look authentic: 
  • Look-alike Domains (Typosquatting): Registering addresses with slight misspellings of popular brands (e.g., paypa1.com instead of paypal.com).
  • Homograph Attacks (IDN Spoofing): Using characters from different alphabets (like Cyrillic "а" instead of Latin "a") that look identical on a screen but lead to a different server.
  • Email Spoofing: Sending emails where the "From" address appears to be from a legitimate company domain, even if the actual sender is a criminal.
  • Subdomain Takeover: Exploiting abandoned or misconfigured subdomains (e.g., test.example.com) to host malicious content on a trusted parent domain.   
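
A defender-side check for the first two techniques in the list above, added here as an example and not taken from the original page: it flags labels that mix scripts and domains within one edit of a protected brand. The brand list, the digit-swap table, and the function names are assumptions made for illustration.

```python
import unicodedata

# Constructed inputs (assumptions): brands to protect and digit-for-letter swaps.
PROTECTED = ["paypal.com", "example.com"]
SWAPS = str.maketrans("1035", "loes")

def to_unicode(domain):
    """Decode punycode (xn--) labels so the check sees what a user would see."""
    try:
        return domain.encode("ascii").decode("idna")
    except UnicodeError:
        return domain  # already Unicode, or not valid punycode

def scripts(label):
    """Scripts used by the letters of a label, read from Unicode character names."""
    return {unicodedata.name(c, "UNKNOWN").split()[0] for c in label if c.isalpha()}

def edit_distance(a, b):
    """Levenshtein distance using two rows of the dynamic-programming table."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def classify(domain):
    """Return (verdict, matched_brand) for a domain taken from a link or header."""
    name = to_unicode(domain.strip().rstrip(".").lower())
    for brand in PROTECTED:
        if name == brand or name.endswith("." + brand):
            return ("ok", brand)
    # Homograph signal: one label mixing scripts, e.g. Latin with Cyrillic.
    if any(len(scripts(label)) > 1 for label in name.split(".")):
        return ("mixed-script", None)
    # Naive registrable domain: last two labels (no public suffix list here).
    base = ".".join(name.split(".")[-2:]).translate(SWAPS)
    for brand in PROTECTED:
        if edit_distance(base, brand) <= 1:
            return ("look-alike", brand)
    return ("unknown", None)

if __name__ == "__main__":
    for sample in ["paypal.com", "paypa1.com", "p\u0430ypal.com", "openbsd.org"]:
        print(sample, classify(sample))
```

A label written entirely in a single non-Latin script passes the mixed-script test, so this check covers only the mixed case described in the list.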
Common Phishing “Lures”
Attackers often use psychological manipulation to force quick, unthinking action: 
  • Sense of Urgency: Claims that your account will be suspended or that a fraudulent purchase was made.
  • False Rewards: Offers for free gift cards, coupons, or government refunds.
  • Helpfulness (Angler Phishing): Fake social media support accounts that message users who are publicly complaining about a brand.   
Protection and Reporting
To defend against these attacks, you should manually type website addresses into your browser instead of clicking links. If you suspect you've encountered domain fraud or identity theft, you can use these resources: 
  • Report Identity Theft: File a report at IdentityTheft.gov (official FTC site).
  • Report Fraud: Use the FTC Fraud Report Tool to flag scams.
  • Forward Phishing Emails: Send suspicious messages to the Anti-Phishing Working Group (APWG) at apwg.org.
