Deliver predictive threat intelligence data directly from our platform to yours integrated via Webhooks and APIs.

At DomainSkate, we redefine brand management through a combination of cutting-edge solutions tailored to your unique personal needs.

DomainSkate’s Fraud Preventer monitors domain registrations, analyzes phishing websites, identifies typo squatting domains, and maintains a domain watchlist.

We offer easy-to-use APIs to utilize and integrate our available services into other systems.

Dive into a world of expertise with our webinar videos. Explore insights, trends, and practical tips from industry experts.

FInd a wealth of expertise through our blog posts. Discover insights, trends, and practical tips from industry experts.

Get a free market study that uses DomainSkate’s proprietary data, with comments and analysis by industry researchers.

Find out how Law Firms increase billable hours and client retention with DomainSkate.

Learn how our AI-supported threat intelligence feeds expose the problem, and provide solutions.

See how eCommerce and other Retail companied save millions protecting their brand with DomainSkate.

Avoid lawsuts and reguatory fines by diligently finding, monitoring, and shutting down fake websites.

Meet the executive leadership at DomainSkate

Lean about our origins and our remarkable growth.

Learn about our existing partners, vendors and partner programs.

Join the flexible, professional team at DomainSkate!

We have multiple types of channel partnerships – just ask us!

Brand protection protects your company from fraud. It also protects all of your customers from phishing attacks and fraud in your name.

Find out some of the top brands that use and trust DomainSkates's services to protect their brands on the internet and Web3.

Use our free service 'Threat Finder' to get a list of 10 sites that may be infringing on your brand.

Get a map to our New York City offices.

Deliver predictive threat intelligence data directly from our platform to yours integrated via Webhooks and APIs.

At DomainSkate, we redefine brand management through a combination of cutting-edge solutions tailored to your unique personal needs.

DomainSkate’s Fraud Preventer monitors domain registrations, analyzes phishing websites, identifies typo squatting domains, and maintains a domain watchlist.

Use our free service 'Threat Finder' to get a list of 10 sites that may be infringing on your brand.

Get a free market study that uses DomainSkate’s proprietary data, with comments and analysis by FouAnalytics.

Dive into a world of expertise with our webinar videos. Explore insights, trends, and practical tips from industry experts.

Create new SOC tickets with prioritized threat intelligence and instant access to remediation.

Trigger highly prioritized tickets, maintained daily watchlists, and executed seamless remediation.

Seamlessly integrate monitoring and remediation into your automated orchestration platform.

We have multiple types of channel partnerships – just ask us!

Phishing Software Attacks Use Domain Names as Effective Lures to Confuse Customers of Financial Institutions

A recent report by the website KrebsOnSecurity shined a light on a couple of scams that are making the rounds and using domain names as a primary means of confusing users/victims. 

 The scams identified in the report show that the following domains are being used as part of elaborate phishing scams:

  • ushank[.]com – for going after U.S. Bank customers. 
  • Login2.ẹmirạtesnbd[.]com – for Emirates NBD Bank in Dubai
  • Cliẹntșchwab[.]com – looks like a login page for Charles Schwab clients
  • Singlepoint.ụșbamk[.]com – phishing domain for U.S. Bank customers.

Further, if you look carefully at the last 3 domains above you can see that the domains are using non-Latin based letter called “punycode” to fool victims into visiting these websites because the punycode is really tough to see unless you are paying attention. Specifically, punycode is an internet standard that allows web browsers to render domain names with non-Latin alphabets. Let’s take a closer look. 

For example: 

Login2.mirtesnbd[.]com

The “e” and the “a” in “emirates” above are actually part of the alphabet of the Yoruba language which is spoken in Nigeria, and use the Latin alphabet with additional diacritic marks to represent specific sounds. The word café, for example, includes a diacritic mark that tells you to pronounce that last e as “ay.” The letter “ẹ” with a dot below it represents a nasalized version of the letter “e”, while “ạ” with a dot below it represents a low tone version of the letter “a”. These letters are not officially recognized by ICANN but they can be used to register a fraudulent domain name and confuse people. 

This represents an intriguing development in phishing software attacks and the use of modified domain names to confuse users. 

 

Share This Post

More To Explore

Blog

ALERT: Novel Phishing Attack Explained

Sophisticated Phishing Scam Uses a Combination Malicious Code, a Fake Domain Name, and a Russian Payment System Fake domain names are commonly used by threat actors to deceive users at

Blog

BBB: Phishing Scams Doubled in the Last Year

The Better Business Bureau has issued a report for 2024 showing that phishing scams have doubled in the last year with AI and text-based fraud leading to a surge in

Brand Protection for Marketers and Brand Teams

Get the Protect Your Brand Newsletter

Brand Protection for Marketers and Brand Teams

Learn the latest strategies and tactics on how marketers and brand teams are protecting customers and revenue. 

Get the Brand Protection Newsletter

Don't Let Hackers Steal From Your Brand or Your Customers

Learn the latest strategies on how to protect your brand from revenue loss and repetitional damage.

Error: Contact form not found.

DomainSkate is a leading innovator of digital brand protection. Our threat intelligence platform uses AI to predict the domains and digital assets that will most likely be used by threat actors in phishing attacks, fake websites, and other online fraud. Once detected, our experienced team quickly takes down the offending domain.

Copyright © 2015–2024 DomainSkate. All Rights Reserved.