The Domain Squatting risk vector detects the presence of domains named similarly to those that are owned and trademarked by an organization. Detection for these types of domains is based on information provided by DNS queries.
Registering similarly named domains is called “domain squatting.” The Domain Squatting risk vector enables organizations to understand the breadth of domain names that are similar to their own and can be registered by attackers.
Risks
Imitation domains exploit mistyped or misread URLs to trick users into visiting malicious sites or opening malicious email attachments.
- The site may be crafted by attackers to deliver malware payloads.
- The end-users of an organization are at risk of unintentionally sharing personal information, like login credentials or payment information.
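As an added illustration, not Bitsight's detection logic (which the page does not describe), the script below classifies a constructed list of observed domain names against an organization's own domain, flagging the typo, misreading, suffix-swap and brand-embedding patterns that make a registered name a squatting candidate. The homoglyph table, the one-edit threshold and the sample names are all assumptions.

```python
from typing import Dict, List, Optional, Tuple

# Sequences commonly misread as another character (small constructed set for illustration).
HOMOGLYPHS = {"rn": "m", "vv": "w", "cl": "d", "0": "o", "1": "l", "3": "e"}

# Constructed sample standing in for the DNS-derived observations the page describes.
OBSERVED = ["example.com", "exarnple.com", "exmaple.com", "example.net",
            "example-login.com", "unrelated.com"]

def split_domain(domain: str) -> Tuple[str, str]:
    """(registrable label, suffix) of e.g. 'www.exarnple.com'; assumes a one-label suffix like .com."""
    parts = domain.lower().rstrip(".").split(".")
    return parts[-2], parts[-1]

def normalize_homoglyphs(label: str) -> str:
    """Collapse look-alike sequences so 'exarnple' compares equal to 'example'."""
    for look, real in HOMOGLYPHS.items():
        label = label.replace(look, real)
    return label

def osa_distance(a: str, b: str) -> int:
    """Optimal string alignment distance: insertion, deletion, substitution or adjacent swap cost 1."""
    rows, cols = len(a) + 1, len(b) + 1
    d = [[max(i, j) if min(i, j) == 0 else 0 for j in range(cols)] for i in range(rows)]  # base row/column
    for i in range(1, rows):
        for j in range(1, cols):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # transposition of adjacent characters
    return d[len(a)][len(b)]

def classify(brand: str, observed: str) -> Optional[str]:
    """Why `observed` resembles `brand`, or None if unrelated (or if it is the brand domain itself)."""
    b_label, b_suffix = split_domain(brand)
    o_label, o_suffix = split_domain(observed)
    if o_label == b_label:
        return None if o_suffix == b_suffix else "tld-swap"  # example.net
    if normalize_homoglyphs(o_label) == b_label:
        return "homoglyph"                                    # exarnple.com
    if b_label in o_label:
        return "brand-embedded"                               # example-login.com
    if osa_distance(o_label, b_label) <= 1:
        return "typo"                                         # exmaple.com
    return None

def triage(brand: str, observed: List[str]) -> Dict[str, str]:
    """Map each flagged domain to its reason; unrelated names and the brand itself are dropped."""
    return {d: r for d in observed if (r := classify(brand, d)) is not None}
```

Running `triage("example.com", OBSERVED)` flags four of the six sample names; the same function can be pointed at any list of observed registrations for the domains an organization owns.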
Grading
See how the Domain Squatting risk vector is graded.
This risk vector is informational and does not currently affect Bitsight Security Ratings.
Insufficient Data
A default risk vector grade is assigned if there is insufficient or no data.
Behavior: Domain Squatting is an informational risk vector. It does not currently affect security ratings.
Lifetime
Lifetime is the number of days a finding impacts the risk vector grade, assuming nothing changes in the future and the finding is not updated with new information. Learn why findings have a decay and lifetime period.
Behavior: Not applicable.
Weight
Behavior: Though the Domain Squatting risk vector is part of the Diligence risk category, which aggregates the weights of all risk vectors in the category to 70.5% towards Bitsight Security Ratings, Domain Squatting does not impact ratings.
Weight: Not applicable.
Remediation
Review Domain Squatting data.
- Assess potential weaknesses in domain coverage. Work to register any potentially at-risk domains and to trademark your brand assets. Increase domain squatting coverage by requesting the addition of a secondary domain that legitimately belongs in your domain map.
- Implement a policy for domain squatting threats, including a process for issuing takedown requests, taking legal action based on trademark infringement, and implementing firewalls or blocking mechanisms to protect against squatted domains.
- Verify completed questionnaires from critical third parties.
- Be wary of suspicious domains that are similar to official domains for a third party, but not registered to their company.
- Understand if end users at an insured company are at risk for data loss, email phishing attacks, and other threats.
When taking down a domain, refer to Uniform Domain-Name Dispute-Resolution Policy (UDRP) Disputes for any questions regarding the dispute resolution process.
Behavior
Remediated
Behavior: Domain Squatting does not impact ratings.
- Existing domains are impacted weekly.
- New domains are impacted the next day.
Rescan
The Bitsight platform regularly checks for new observations. A finding rescan updates findings as these observations change, e.g., a newly observed Diligence finding or the remediation of an existing finding.
Behavior:
- Automated Scan Duration: 2 Weeks
- User-Requested Rescan Duration: Not Available
- October 8, 2024: Scan frequency updated to be more accurate.
- March 25, 2024: “No findings/low findings” changed to “insufficient data.”
- August 16, 2023: New Grading & Finding Behavior sections.