Typosquatting Hacks: What Can Happen If A Hacker Sets Up A Phony Domain For Your Custodian Or B/D

Wednesday, September 28, 2011 08:28
edit
Typosquatting Hacks: What Can Happen If A Hacker Sets Up A Phony Domain For Your Custodian Or B/D

Tags: security

Say a hacker sets up the domain for Sschwab.com or TDAmmeritrade.com and emails you requesting you send confidential information or builds a few Web pages that look just like your custodian's site.

This Website Is For Financial Professionals Only


 

While there is no known effort to perpetrate such a fraud by using these or other brokerages, "typosquatting" is a real security threat advisors should be aware of.

 

Researchers at security think tank Godai Group set up phony domains using small typos. It yielded a treasure trove of personally identifiable infrotmation.


"During a six‐month span, over 120,000 individual emails (or 20GB of data) were collected, which included trade secrets, business invoices, employee PII, network diagrams, usernames and passwords, etc," according to the researchers. 

 

A story on PC World highlights the threat and provides more detail.

 

It lends further evidence to the notion that advisors need to be mindful of social engineering attacks.

 

Educating clients about how to protect themslves against this growing scourge would be wise.

 

 

Comments (0)

Write comment

You must be logged in to post a comment. Please register if you do not have an account yet.

busy