|
With the Olympics underway in Tokyo, CSC has taken the opportunity to analyze domain name registrations that include Olympic-related terms. The following three data sets show that cybersquatters are using the domain name channel to perpetrate fraudulent activity against worldwide brands.
But specifically about the Olympics, we tend to see large-scale sporting events as periods where cybersquatters are active, as highlighted in CSC’s recent three-part blog series on Euro 2020. The Olympics is one of the world’s largest sporting events, so the amount of online interest is massive, especially considering that spectators were locked out from attending the games in person.
Some terms such as “Olympics” and “Olympic games” are reserved due to their nature across varying country code top-level domains (ccTLDs) and generic top-level domains (gTLDs), so in this first set of data, we instead reviewed domains that include the more generic terms “Tokyo 2020” and “Tokyo 2021.” Below is a summary of registrations over the last few years, with spikes correlating to real-world events suggesting opportunistic behavior among registrants.
Additionally, we noticed the following:
In our second set of data, we reviewed lookalike domains. With many Olympic terms reserved, bad actors resort to sneaky measures such as registering similar-looking domains that users sometimes won’t notice. An example of a lookalike domain is “g00gle.com” where the ohs are replaced with numeric zeroes. In our analysis, we looked at variations of the term “Olympics;” figure 2 shows a sample list of domain registrations we found.
Many of the examples we found we’re pointed to PPC pages, and in some instances, sites are directed to “for sale” pages. One of the main dangers of these types of registrations is they can be used for phishing purposes. Emails can be designed to look like they come from a trusted source, but in fact, have links to malware or other insecure locations.
Our final set of data looks at the recently announced host for the 2032 Olympics, Brisbane. It’s only been a few weeks since the announcement, but there are already over 150 registrations relating to the games. Of the data set we analyzed, we noticed the following trends:
It’s clear from these three data sets that cybersquatters are continuing to use the domain name channel and will take any opportunity to pounce right from the get go. We see that .COM and .NET are still the main targets of infringement, but we are definitely seeing more diverse use of the new gTLDs as well the lookalike domains to trick users into possible phishing attacks. When launching your brands, we suggest you cover your bases and consider all domain variations, such as keywords and lookalikes, and have a strategy in place prior to launch.
Sponsored byVerisign
Sponsored byWhoisXML API
Sponsored byRadix
Sponsored byIPv4.Global
Sponsored byVerisign
Sponsored byCSC
Sponsored byDNIB.com