A fraudster has registered http://zimpassports.online to defraud Zimbabweans who are desperate for the elusive Zimbabwean passport.
According to the website https://who.is, whoever registered the domain zimpassports.online has decided to keep his/her identity hidden while he/she keeps the domain active. The Zimbabwean government needs to move away from Zimbabwe’s bureaucratic system that allows online fraudsters and hackers to take advantage of domains and domain extensions that have not been secured by the relevant organisations.
More and more cyber criminals are registering look-alike domains that are identical or nearly identical, slightly altered domain names, registered with intent to deceive their intended targets.
They are also taking advantage of domains where companies and organisations are not protecting their identities by registering domain extensions like .online , .com etc. Cybercriminals register hundreds of thousands of look-alike domains each year with the goal of impersonating legitimate organisations and making money, usually by committing fraud. These look-alike domains are used for a variety of attacks including creating or cloning fraudulent websites, web traffic diversion, malware delivery and phishing emails.
Look-alike domains are created to mislead and to give clients the false impression that they are interacting with trusted organisations which results in financial losses and data compromise for established enterprises. This process of creating a cyber attack is inexpensive, and if threat actors move quickly to evade detection, they can make a massive return on their time and money.
In Zimbabwe companies do not buy similar domains or domain extensions to protect the identity of their organisations and they should make it a priority to register their domains or domain extensions. For example, if you are OK-Zimbabwe, which currently uses www.okzim.co.zw, it should buy www.ok.co.zw, www.ok.org, www.ok.com, www.ok.org.zw, www.ok.ac.zw. Zimtiles which is using zimtile.com should buy zimtiles.com, zimtiles.co.zw. Schweppes which uses www.schweppes.co.zw should buy www.schweppes.org, www.schweppes.com, www.schweppes.store. TV Sales can also register www.tvsales.org and tvsales.store to secure their identity. Spar is currently using www.spar.co.zw, it should consider securing www.spar.com, www.spar.org and www.spar.store. The idea is to protect the identity of your company from email impersonators and fraudsters who will use it for phishing.
This is now a common cybercrime and is now so common and a major cyber threat to businesses. Some of the attacks are email-based impersonation scams or phishing. The attacking scheme involves cyber criminals mimicking business owners and executives through the use of phishing emails. With the recent news headlines https://www.herald.co.zw/hackers-fleece-supermarket-of-22m/ where TM Pick n Pay lost $22 million. The cybercriminal domain registered the www.tmsupermarkets.com and emails created to impersonate included the finance manager Raymond Matsetswa’s email address Raymondmatsetswa@tmsupermarkets.com. In most cases fraudsters or cyber criminals typically pose as personnel in positions of authority and ask their victims to perform money transfers, pay invoices, or to send the attacker sensitive data.
Zimbabwean companies should now make it a priority to protect their businesses by registering and buying domains and domain extensions. Cyber criminals are now on the lookout for Zimbabwean companies that do not have domain extensions that are protected, with the .com being the most sought after domain. Criminals can buy a .com in a space of five minutes, clone the organisation website so that it looks like the original website and create the emails and they are ready to loot.
The cyber criminal then in turn uses phishing. Phishing is a type of online scam where criminals impersonate legitimate organisations via email, text messages, advertisements or other means in order to steal from clients and collect sensitive information. This can be done by including a link that will take you to the company’s website to fill in your information, but the website is a clever fake and the information you provide goes straight to the criminal behind the scam.
In the case of http://zimpassports.online the intention of the cyber criminal is to trick their victims into making a payment but the person is actually paying into the scammers account. In some cases the scammers trick their victims into doing money transfers, or paying invoices to defraud a business. The idea may be to force you to send back sensitive data related to your business or your clients.
It is time Zimbabwe’s organisations, including government institutions, protected their online identities by registering their domains and domain extensions.
If you would like to know more on how to protect your organisation from similar scams you can contact us on +263772278161 or email firstname.lastname@example.org
- Mutisi is the CEO of Hansole Investments (Pvt) Ltd and the current chairperson of Zimbabwe Information & Communication Technology, a division of Zimbabwe Institution for Engineers.