FraudOnTok: Ten Thousand Fake TikTok Shop Websites Hijacking Trust
FraudOnTok Scam: 10,000+ Fake Websites Hijacking Trust
FraudOnTok Key Takeaways (TLDR)
Cloned Websites 10,000+ impersonation websites identified mimicking TikTok Shop, Wholesale, and...
Passive Fraud Warning Pages Don’t Work
Fraud is active. Our fraud warnings shouldn’t be passive.
Every day, scammers launch sophisticated phishing sites, fake social media accounts, and impersonation campaigns designed to trick customers in...
Five Practical Tips to Protect Your Brand from Web-Based Phishing Attacks
Tips to Protect Your Brand from Web-Based Phishing Attacks
Web-based phishing is one of the fastest-growing threats facing enterprises today. Criminals can launch convincing fake websites in hours, using...
Brand Protection vs Fraud-as-a-Service
Has brand protection kept up with fast moving and large clone website networks? Whether you’re in retail, banking, or government services, attackers can now deploy hundreds of convincing fake websites in hours — complete with stolen branding, payment or credential-harvesting...
New Instagram Phishing Scam Flying Under the Radar
A newly observed phishing campaign is targeting Instagram users, and it’s using a clever trick to bypass traditional scam filters. If you’ve received an email claiming there was suspicious activity on your Instagram account and urging you to reply, read on. This scam...
“Stop a Phishing Site Using Our Brand”
How to “Stop a Phishing Site Using our Brand”
If your brand’s been targeted and you’ve just found a phishing site using your name – this blog is for you…Phishing attacks are no...
Inside Darcula: The Phishing Kit That’s Fooling Everyone
When a rising Fraud-as-a-Service (FAAS) phishing kit makes it into mainstream media, it’s usually a sign that it has reached a scale and level of sophistication that should alarm cybersecurity professionals.The ABC recently reported on a phishing kit known as Darcula. In the...
Hidden in Plain Sight: 6 Ways Phishing Sites Avoid Detection
Hidden in Plain Sight: 6 Ways Phishing Sites Avoid Detection
Phishing websites have become far more sophisticated than the basic spoof pages we saw a few years ago. As security experts improve detection...
Phishing Site Takedown: What to Do When Registrars Ignore Your Complaint
Phishing Site Takedowns: How to Escalate When Registrars Ignore Abuse
Few things are more frustrating in cybersecurity than a domain registrar ignoring a clear case of DNS abuse. Whether it’s a phishing...
DNS Abuse vs. Content Abuse: Where Registrars Draw the Line
The rise of fake websites used in phishing attacks has prompted a closer examination of how domain name abuse is handled. One of the biggest challenges in enforcement is distinguishing between DNS abuse—where the domain system itself is weaponized—and content abuse, which...
Cheap Domains, Costly Threats: How Cybercriminals Exploit Bulk Registrations
Bulk Domain Registrations: How Criminals Exploit Cheap Domains
How Cybercriminals Exploit Cheap Bulk Registrations
The retail domain name...