What is Domain Spoofing?

Domain spoofing is when fraudsters use a domain name that looks very similar to a real domain name, in order to trick people. The domain name might be used to set up a fake website that looks like the real website, or send emails that look almost identical to those from someone's real email address.

The outcome the fraudster is looking for can vary. In the legal sector, domains are typically registered either to:

  • Trick people into sending funds to the wrong bank account (for example, when sending a deposit for a property to their solicitor)
  • Get them to visit a fake website (which can be an exact replica of a real law firm's website) and prompt them to take an action - such as providing personal information about a transaction that the fraudster can then use later.

For example, your email address might be albus@dumbledorelaw.com, but a fraudster registers dumbledurelaw.com and sends emails as albus@dumbledurelaw.com. As the display name would be set to “Albus Dumbledore” in both cases, without close inspection you are unlikely to spot the false domain name.

The SRA’s scam alert service contains a long history of these sorts of fraud attempts.

Similarly, fraudsters may be able to fool people into visiting a website whose domain name looks identical to yours. They exploit a weakness in the way that some web browsers display domain names registered using non-Latin character sets.

A proof of concept shows how, in some browsers, you could believe you had visited the Apple website: "xn--pple-43d.com" is displayed as "аpple.com". This is known as a homograph attack.
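The following is an added example (not part of this FAQ) of a defensive check a firm could run over sender domains or links before trusting them. It covers both cases above: it decodes the "xn--" form so that "xn--pple-43d.com" is seen as "аpple.com" (the first letter is Cyrillic) and flags labels that mix scripts, and it maps confusable letters onto their Latin look-alikes before comparing against a list of domains you own, so that the dumbledurelaw.com typo-squat is caught as well. The protected-domain list, the confusables subset and the similarity threshold are constructed for illustration.

```python
import difflib
import unicodedata

# Cyrillic/Greek letters that render like Latin ones (a small hand-picked subset,
# not a complete confusables table).
CONFUSABLES = {"а": "a", "е": "e", "о": "o", "р": "p", "с": "c", "х": "x",
               "у": "y", "і": "i", "ј": "j", "ѕ": "s", "ο": "o", "ν": "v"}

# Constructed list of domains the firm owns or regularly deals with.
PROTECTED = ["dumbledorelaw.com", "apple.com"]


def to_unicode(domain: str) -> str:
    """Decode 'xn--' (punycode) labels into the form a browser would display."""
    if domain.isascii() and "xn--" in domain:
        try:
            return domain.encode("ascii").decode("idna")
        except UnicodeError:  # malformed punycode: keep the raw form
            return domain
    return domain


def scripts_in(label: str) -> set:
    """Scripts used by the letters of one label, e.g. {'LATIN', 'CYRILLIC'}."""
    return {unicodedata.name(ch, "UNKNOWN").split()[0]
            for ch in label if ch.isalpha()}


def skeleton(domain: str) -> str:
    """Replace confusable letters with their Latin look-alike."""
    return "".join(CONFUSABLES.get(ch, ch) for ch in domain)


def check_domain(domain: str, protected=PROTECTED, threshold: float = 0.85) -> dict:
    """Return a verdict: 'ok', 'homograph' (mixed scripts) or 'lookalike' (typo-squat)."""
    shown = to_unicode(domain.strip().lower())
    skel = skeleton(shown)
    mixed = any(len(scripts_in(label)) > 1 for label in shown.split("."))
    if skel in protected and not mixed:
        return {"domain": shown, "verdict": "ok", "imitates": None}
    # Closest protected domain by similarity of the de-confused string.
    closest = max(protected,
                  key=lambda good: difflib.SequenceMatcher(None, skel, good).ratio())
    score = difflib.SequenceMatcher(None, skel, closest).ratio()
    if mixed:
        verdict = "homograph"
    elif score >= threshold:
        verdict = "lookalike"
    else:
        verdict = "ok"
    return {"domain": shown, "verdict": verdict,
            "imitates": closest if verdict != "ok" and score >= threshold else None}
```

Calling `check_domain("xn--pple-43d.com")` reports a homograph of apple.com, and `check_domain("dumbledurelaw.com")` reports a lookalike of dumbledorelaw.com.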