How hackers can use your website to steal from your customers

Post by 

How hackers can use your website to steal from your customers

Published 
March 8, 2021
How hackers can use your website to steal from your customers
H

ave you ever visited a website that doesn’t look quite right? Or you click on a link and it takes you somewhere you weren’t expecting? Or even misspell a website and end up on what is clearly a scam page? If that link were one from a business you trusted, would your trust in them be affected? Typosquatting, website impersonation and domain spoofing are becoming concerningly common nowadays, and it’s up to us all to fight back.

What are they doing?

There are three main methods that cyber criminals are using in these types of attacks. The first is typosquatting, sometimes called URL hijacking or sting sites. In this attack the cyber criminals take control of websites with similar URLs to a well-known website. Take the example of goggle.com, which would direct people who misspelled Google to phishing sites. The same can be done with the domain, replacing .com with .co or .cm for example to catch out anyone who misspells that part of the address.

The second tactic used is website impersonation. In these cases, cyber criminals build a website that looks just like a business’ original site, except that any details entered, or money paid will end up with the criminals.

Domain spoofing is similar but takes advantage of weaknesses in website security and mail systems. These attacks allow cyber criminals to imitate the email or site of a business and actually directly reach out to victims rather than waiting for them to fall into a trap.

What does this do to the relationship with your customers?

Unsurprisingly, your customers might not like that your website has been used to attempt a cyber-crime. The more tech-savvy customers might also be wondering how and why you have let something like this happen. Either way, it’s definitely not a good look. As a business owner with an online presence there is always a responsibility to protect customers from these kinds of attacks. They not only put your online brand in a very bad light, but it can discourage customers from visiting your website in fear of becoming the victim of a cyber-attack.

In a more general sense, it is something that will discourage certain customers from participating in any online business. This applies particularly to the less tech-savvy customers who might not be very comfortable browsing and purchasing online. One bad experience, especially being scammed or phished, can have a large impact on their shopping habits and how they trust the online world. This, unsurprisingly, is something we definitely want to avoid.

What can businesses do?

The first step any business can take is very simple. Make sure all of your security certificates are up to date! If they expire or aren’t the latest version, you are leaving yourself open to all kinds of problems. The solutions beyond that are your choice. Some businesses prefer to go on the offensive, finding and taking down malicious sites as they appear with the help of Close Digital Protection professionals. Others will build on their defence by purchasing any vulnerable domains and websites, making sure any typos will just redirect to their main page instead of a phishing site. The best solution may be a balance between these two approaches. Purchasing the most vulnerable and common typo sites while proactively taking down the most heinous and dangerous spoofs.

Join Our
Mailing List

We never share your info. View our Privacy Policy
Thank you! You're now on our mailing list!
Oops! Something went wrong while submitting the form.
Paper Plane
Join out startup community
Join Our startup
Community
there's more

Post You Might Also Like

All Posts
Cleaning
Mar
25
:
2021

What a good spring clean can do for your mental health

Spring is indeed upon us. That also means that it’s spring cleaning time, when we can all get our yearly fix of deep cleaning our homes.
Travel
Mar
20
:
2021

10 hidden sites in Cyprus you have to explore

Cyprus is a lot more than beaches and souvlaki, there’s a whole world to explore in the small towns and backstreets of every part of the island. To help you get to know the less well-known wonders of Cyprus, we’ve put together 10 of our favourites...
Insurance
Mar
17
:
2021

How to minimise risk as an Independent Advisor

Working as an independent advisor in the age of Covid is somehow even riskier than it was beforehand. Advisory teams have had to adapt to a radically different working world and the risks of independent advisory life.
Cleaning
Mar
15
:
2021

How to make homemade dish soap

Making a non-toxic and less chemical-filled dish soap at home is also much easier than you might think. We think that whether you use it regularly or not, it’s a great trick to have up your sleeve.
Business
Mar
1
:
2021

Women's History Month

March is Women’s History Month, a time for us all to celebrate the powerful and inspiring women that have made this world we live in a better place.