View all newsletters
Receive our newsletter - data, insights and analysis delivered to you

Data at risk as 81% of FTSE 100 companies hit by fake domain cyber threats

News: Most affected were companies in financial services.

By Alexander Sword

The most valuable UK companies are becoming increasingly exposed to false domain registrations against them, with cyber criminals setting up dummy copies of websites to capture user data.

81 percent of FTSE 100 organisations had potentially malicious domain registrations against them in the last three months, according to a report by Anomali titled ‘The FTSE 100: Targeted Brand Attacks and Mass Credential Exposures’.

Anomali detected 527 registrations in the last three months, with each registration creating a domain name that differs very slightly from the company’s official domain name in an attempt to trick users into clicking it and entering data.

The report said that this data could then either be sold or used to access a company’s network.

Most affected were companies in financial services, with 376 out of the 527, or 71 percent of the registered sites flagged as suspicious. Retail followed with 175 and critical infrastructure with 75.

These domains were registered most commonly to addresses in China, with the US coming second and Panama third.

The report also found that large numbers of the organisations were allowing employees to use their work credentials, such as email and password, for third party websites not related to work. 5275 compromised email and unencrypted password accounts were found to be on the Darkweb, paste sites, hacking forums, or posted through accidental exposure

Content from our partners
Scan and deliver
GenAI cybersecurity: "A super-human analyst, with a brain the size of a planet."
Cloud, AI, and cyber security – highlights from DTX Manchester

This meant that 50 employees for each FTSE 100 company have had their email and data credentials exposed due to employees using them on sites that have been hacked by cyber attackers.

Anomali noted that 40 corporate credentials across 23 companies were compromised in April when a UK-based football website had its database dumped and exposed on the Darkweb.

Jamie Stone, VP of EMEA of Anomali, said that "the evidence gathered across our threat intelligence platforms demonstrates that some basic security measures are not being adopted or followed at some of the largest and most prominent companies in the UK. The results of the report should be a wake-up call for these organisations, highlighting just how vulnerable they are in ways they might not even have considered."

The data comes at a time when many cyber threats are escalating; there was a 3500 percent increase in the creation of ransomware domains in the first quarter of 2016 compared to Q4 2015, according to research carried out by Infoblox and released 1 June.

Websites in our network
Select and enter your corporate email address Tech Monitor's research, insight and analysis examines the frontiers of digital transformation to help tech leaders navigate the future. Our Changelog newsletter delivers our best work to your inbox every week.
  • CIO
  • CTO
  • CISO
  • CSO
  • CFO
  • CDO
  • CEO
  • Architect Founder
  • MD
  • Director
  • Manager
  • Other
Visit our privacy policy for more information about our services, how Progressive Media Investments may use, process and share your personal data, including information on your rights in respect of your personal data and how you can unsubscribe from future marketing communications. Our services are intended for corporate subscribers and you warrant that the email address submitted is your corporate email address.