Location

Hilton Hawaiian Village, Honolulu, Hawaii

Event Website

https://hicss.hawaii.edu/

Start Date

3-1-2024 12:00 AM

End Date

6-1-2024 12:00 AM

Description

Cybercriminals regularly impersonate organizations when carrying out attacks. This paper investigates a tactic that has not been studied previously. In so-called doppelganger attacks, miscreants register domains similar to legitimate subdomains used by organizations. Investigation of domain registration data from 2009-2022 uncovers 84,952 1st-party doppelganger attacks that mimic valid subdomains of organization websites, plus a further 5,448 3rd-party doppelgangers in which service providers used by organizations are impersonated. By analyzing patterns of the gathered data, the paper studies how victims are affected and attackers organize their activities. It is hoped that by raising awareness to this attack technique, future malicious activities may be curtailed.

Download

Share

COinS
 
Jan 3rd, 12:00 AM Jan 6th, 12:00 AM

Identifying Subdomain Doppelganger Attacks against Companies

Hilton Hawaiian Village, Honolulu, Hawaii

Cybercriminals regularly impersonate organizations when carrying out attacks. This paper investigates a tactic that has not been studied previously. In so-called doppelganger attacks, miscreants register domains similar to legitimate subdomains used by organizations. Investigation of domain registration data from 2009-2022 uncovers 84,952 1st-party doppelganger attacks that mimic valid subdomains of organization websites, plus a further 5,448 3rd-party doppelgangers in which service providers used by organizations are impersonated. By analyzing patterns of the gathered data, the paper studies how victims are affected and attackers organize their activities. It is hoped that by raising awareness to this attack technique, future malicious activities may be curtailed.

https://aisel.aisnet.org/hicss-57/st/digital_forensics/3