New research: Malicious actors are imitating tech companies

Image via Unsplash

New research from Cado Security reveals that malicious actors are imitating tech companies in an effort to compromise corporate systems. Researchers discovered a typosquatting threat, in which malicious actors register domains that closely mimic an already existing domain. This is often done by replacing symbols with other, similar looking ones, such as swapping the letter ‘I’ for a lowercase ‘L.’ This subtle difference can deceive users into believing the fraudulent domain is the legitimate one, possibly luring users to a malicious site.

Researchers identified a fraudulent domain posing as Cado Security. However, the false domain was redirecting users to the organization’s legitimate domain, suggesting that malicious actors were likely setting it up for a future phishing attack.

Additionally, the malicious actors created an X (formerly Twitter) account associated with the domain to establish the appearance of authenticity. This included purchasing a Gold Checkmark, following users related to the organization and adding followers.

Researchers found that Cado was not the only tech company impersonated. Security leaders are encouraged to monitor domain registrations.

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

ON DEMAND: In this webinar, Regina Lester, Vice President of Security & Safety Operations at Toledo Zoo, will share her insights on implementing security technologies in the entertainment sector and the challenges all organizations face — large and small — when it comes to balancing budget and security.