NEWS FROM THE LAB - Thursday, March 30, 2006

Hey, TYPE-YOUR-CREDIT-CARD-NUMBER-HERE.COM is available for registration!

Posted by Mikko @ 14:00 GMT

Being curious about phishing, we decided to look into the number of domains that mimic banks. Just how many are out there? Well, lots.

We did a simple search across the com/net/org/us/biz/info top-level domains for common bank names.

Keyword           Number of domains
citibank*         497
bankofamerica*    407
lloyds*           994
bnpparibas*       41
egold*            691
hsbc*             1258
chase*            6470
paypal*           1634
ebay*             8057
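
A brand owner can run the same kind of prefix search defensively over a list of registered domains. The sketch below is an added example, not code from the original post: the allowlist, the function names and the sample domain list are constructed assumptions, and only the keywords, TLDs and the two Citibank lookalike names come from the post.

```python
from collections import Counter

# TLDs and keywords taken from the post; each keyword is a prefix match (citibank*).
TLDS = {"com", "net", "org", "us", "biz", "info"}
KEYWORDS = ["citibank", "bankofamerica", "lloyds", "bnpparibas", "egold",
            "hsbc", "chase", "paypal", "ebay"]

# Assumption: domains the brand owners have confirmed as their own.
ALLOWLIST = {"citibank.com", "paypal.com"}

def normalize(domain):
    """Lower-case a domain and drop whitespace and any trailing root dot."""
    return domain.strip().lower().rstrip(".")

def match_keyword(domain):
    """Return the keyword a registered domain starts with, or None."""
    labels = normalize(domain).split(".")
    # Only second-level registrations under the searched TLDs count.
    if len(labels) != 2 or labels[1] not in TLDS:
        return None
    for kw in KEYWORDS:
        if labels[0].startswith(kw):
            return kw
    return None

def review_queue(domains):
    """Count prefix matches per keyword and list those not on the allowlist."""
    counts, queue = Counter(), []
    for d in domains:
        kw = match_keyword(d)
        if kw is None:
            continue
        counts[kw] += 1
        if normalize(d) not in ALLOWLIST:
            queue.append(normalize(d))
    return counts, sorted(queue)

# Constructed sample input, standing in for a registry zone-file listing.
SAMPLE = [
    "citibank.com", "Citibank-Account-Updating.com", "citibank-credicard.com",
    "paypal.com", "paypal-example-login.net", "purchase.org",
    "chaseexample.info", "citibank.example.co.uk", "mycitibank-example.com",
]

if __name__ == "__main__":
    counts, queue = review_queue(SAMPLE)
    print(dict(counts))
    print(queue)
```

A prefix match such as chase* also catches names unrelated to the bank, so the raw counts are an upper bound and the queue still needs manual review.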

When someone in, say, Nigeria wants to register a domain name that starts with the name of a well-known bank, why are the registrars so willing to let them register it?

Some examples of existing, active registrations, using Citibank as an example:

  citibank-credicard.com

Citibank account updating, anyone?

Some of these are probably perfectly legitimate. Others probably are not... like citibank-account-updating.com, registered last Friday to Ms. Evelyn Musa in Arlington, VA?