10:43 PM

Phishing Domain Resale Market Booms

Security researchers at F-Secure have identified more than 30 registered domain names for resale on Sedo that would be of interest only to the legitimate holder of the trademark or to phishers, F-Secure says.

Internet addresses that appeal to identity thieves eager to rip off consumers are being posted by major domain resellers, a security company charged Friday.

Finnish-based F-Secure has identified more than 30 registered domain names for resale on Cambridge, Mass.-based Sedo that would be of interest only to the legitimate holder of the trademark or to phishers, criminals who try to dupe consumers into divulging personal information by enticing them to fake Web sites. Among the domains:,,,, and

"Why would anybody want to buy these domains unless they are the bank themselves -- or a phishing scammer?" wrote Mikko Hypponen, F-Secure's chief research officer, in an alert on the company's site.

In its search of Sedo, F-Secure also found domain names for resale that use the accent characters "" and "" in place of the normal "a" or "i" to create "highly deceptive" URLs like, p', and payp'

Sedo said that while it has a process in place to pull domain sales that violated trademarks, it was the trademark holder's responsibility to file a request. "We have more than six million domains for sale," said Jeremiah Johnston, Sedo's general counsel. "It's impossible for us to proactively filter sales."

Citing Sedo as a "neutral platform" for selling similar to eBay, Johnston said his company wants to "balance the rights of all users" and added that at times, trademark owners "harass a lot of legitimate domain owners."

In the case of "," however, Johnston said the domain "sounds like a good example" of the type that would be pulled from its Sedo listing if the trademark owner -- in this case, Citibank Group -- contacted it with an objection.

Criminals often use misspelled and deceptive domain names for their bogus Web sites to fool users. Registrations of domains that closely resemble large financial institutions are common for that reason. Last March, for example, F-Secure identified nearly 500 domain names on variations of "citibank" and over 400 on versions of "bankofamerica."

According to a WHOIS search, the domain that F-Secure spotted for sale on Sedo was registered to a Beverly Hills, Calif. mailing address. The phone number listed for the domain registration is for directory assistance in the 310 area code.

Comment  | 
Print  | 
More Insights
Newest First  |  Oldest First  |  Threaded View
Register for InformationWeek Newsletters
White Papers
Current Issue
Top IT Trends to Watch in Financial Services
IT pros at banks, investment houses, insurance companies, and other financial services organizations are focused on a range of issues, from peer-to-peer lending to cybersecurity to performance, agility, and compliance. It all matters.
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
Join us for a roundup of the top stories on for the week of July 17, 2016. We'll be talking with the editors and correspondents who brought you the top stories of the week to get the "story behind the story."
Sponsored Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.