UK banks (including Barclay’s, HSBC, Lloyd’s, NatWest and Standard Chartered) have a total of 324 domain spoofs controlled by cyber criminals that are aimed at fooling customers and retrieving their information.
Security research and intelligence company DomainTools found 110 fake HSBC websites, 74 fake Barclays websites, 74 fake Standard Chartered websites, 66 fake NatWest sites and 22 sites that mimicked Lloyd’s Banking Group.
Researchers used the PhishEye’s proprietary algorithms to identify and surface examples of websites using fake websites which looked or sounded similar to the official websites of UK banks. It uncovered 324 ‘high risk’ domains in just four days between 27th and 31st of March.
The researchers judged which domains were ‘high risk’ by using DomainTools Reputation Engine – a score in the range of 70 or higher indicates that a domain is closely connected to others that have already been blacklisted for spam, malware or phishing.
Some of the sample high risk domains included: barclaysbank-plc[.]co.uk, www-barclays.com, hsbcgrp[.]com, lloydstbs[.]com, natwestbusinessbanking[.]co.uk and standardchartered-bank[.]com.