Skip to main content
Security Performance Management
Continuous Monitoring
Vendor Risk Management
Trust Management Hub
Cyber Insurance
National Cybersecurity

Domain Squatting Risk Vector

Ingrid

⇤ Diligence Risk Category

The Domain Squatting risk vector detects the presence of domains named similarly to those that are owned and trademarked by an organization. Detection for these types of domains is based on information provided by DNS queries.

Registering similarly named domains is called “domain squatting.” The Domain Squatting risk vector enables organizations to understand the breadth of domain names that are similar to their own and can be registered by attackers.

Learn more:

Risks

The imitation domains take advantage of mistyped or misread URLs to trick users into visiting malicious sites or opening malicious email attachments.

  • The site may be crafted by attackers to deliver malware payloads.
  • The end-users of an organization are at risk of unintentionally sharing personal information, like login credentials or payment information.

Grading

See how the Domain Squatting risk vector is graded.

This risk vector is informational and does not currently affect Bitsight Security Ratings.

Insufficient Data

A default risk vector grade is assigned if there is insufficient or no data.

Behavior: Domain Squatting is an informational risk vector. It does not currently affect security ratings.

Default: grade-na.png

Lifetime

Lifetime is the number of days a finding impacts the risk vector grade, assuming nothing changes in the future and the finding is not updated with new information. This is defined by the number of days a finding will impact the risk vector grade. Learn why findings have a decay and lifetime period.

Behavior: Not applicable.

Weight

Behavior: Though the Domain Squatting risk vector is part of the Diligence risk category, which aggregates the weights of all risk vectors in the category to 70.5% towards Bitsight Security Ratings, Domain Squatting does not impact ratings.

Weight: Not applicable.

Remediation

Review Domain Squatting data.

  • Assess potential weaknesses in domain coverage. Work to register any potentially at-risk domains and to trademark your brand assets. Increase domain squatting coverage by requesting the addition of a secondary domain that legitimately belongs in your domain map.
  • Implement a policy for domain squatting threats, including process for issuing takedown requests, taking legal action based on trademark infringement, and implementing firewalls/blocking mechanisms to protect against squatted domains.
  • Verify completed questionnaires from critical third parties.
  • Be wary of suspicious domains that are similar to official domains for a third party, but not registered to their company.
  • Understand if end users at an insured company are at risk for data loss, email phishing attacks, and other threats.

When taking down a domain, refer to Uniform Domain-Name Dispute-Resolution Policy (UDRP) Disputes for any questions regarding the dispute resolution process.

Behavior

Remediated

Behavior: Domain Squatting does not impact ratings.

  • Existing domains are impacted weekly.
  • New domains are impacted the next day.

Rescan

The Bitsight platform regularly checks for new observations. A finding rescan updates findings as these observations change, e.g., newly observed Diligence findings or an existing finding was remediated.

Behavior:

  • Automated Scan Duration: 2 Weeks
  • User-Requested Rescan Duration: Not Available
  • October 8, 2024: Scan frequency updated to be more accurate.
  • March 25, 2024: “No findings/low findings” changed to “insufficient data.”
  • August 16, 2023: New Grading & Finding Behavior sections.

Related articles

Feedback

0 comments

Please sign in to leave a comment.