Look-a-Like Malicious Domain

I got a call from CyberNotify.org about a look-a-like domain

Look-a-like domains are created purposely for Business Email Compromise (BEC) and usually involve a request to wire money or obtain sensitive information. If you have received an email from the look alike domain don’t delete it. We recommend that you report any fraudulent email from this look alike domain on the IC3.gov website or contact your local FBI field office.

• ▪ Official FBI.gov website, search for BEC (Business Email Compromise)
• ▪ Wall Street Journal story about a metal recycling company getting scammed
• ▪ How the wire fraud scams work

This minute and a half video shows the typical progression of Business Email Compromise and some options for prevention:

Options for addressing the look-a-like domain problem at your company

We cannot recommend what you should do because our role is just research. However, we can tell you what some companies are doing:

• ▪ Never make a wire transfer based on an email
• ▪ Register the domain name yourself to prevent scammers from using it
• ▪ Save the emails from the scammer and contact your local FBI field office
• ▪ Contact the domain name registrar to report the malicious activity
• ▪ Use the UDRP process to gain control of the domain