In a concerning trend, cybercriminals are taking advantage of the growing popularity of AI technology by registering .AI domains of trusted brands for malicious activities. This poses significant risks to both businesses and individuals who may unsuspectingly fall victim to these fraudulent schemes.
A recent study revealed that a staggering 43% of Global 2000 companies have third-party registrations or infringements of .AI domains. Even more alarming is the fact that 84% of branded .AI domains are currently owned by third parties, leaving the legitimate brand owners with little control. Additionally, almost half of branded .AI domains are still available, providing ample opportunities for cybercriminals to exploit.
Certain industries, such as banking, diversified financials, and IT software and services, face a higher percentage of taken .AI domains, making them prime targets for cyber attacks. What makes .AI particularly attractive to cybercriminals is the absence of registration restrictions, giving them free rein to deceive unsuspecting users.
One of the major threats posed by these cybercriminals is the use of lookalike domains. Shockingly, 79% of these lookalike domains are owned by third parties, further highlighting the lack of control that legitimate brand owners have over their online presence. These lookalike domains serve various malicious purposes, including sending phishing emails or intercepting email through the presence of mail exchange (MX) records. Additionally, 36% of lookalike domains are utilized for advertising, pay-per-click ads, or domain parking, while 14% resolve to live websites not associated with the brand holder. Most concerning is the fact that 1% of these lookalike domains point to malicious content that can severely damage a brand’s reputation.
The increase in .AI domain registrations is a reflection of the growing dominance of AI technology. With 43% of Global 2000 companies experiencing third-party registrations or infringements of .AI domains, it is evident that businesses need to be proactive in protecting their online presence. The rapid detection and deactivation of confusingly similar domains is crucial in preventing website redirection, online fraud, phishing attacks, and malware. The combination of a familiar brand name and the .AI domain extension creates a false sense of trust for target victims, making it even more imperative for brand owners to register their brands in the .AI domain extension to safeguard their trademarks.
The risks posed by lookalike domains to legitimate brands cannot be underestimated. The fact that lookalike domains owned by third parties have increased by 4% from 2022 to 2023 is concerning. These domains can be used to deceive users, distribute malware, and lure individuals into downloading untrusted versions of apps. The presence of mail exchange (MX) records in 40% of these lookalike domains further highlights their potential for sending phishing emails or intercepting email. Furthermore, 36% of lookalike domains are utilized for advertising, pay-per-click ads, or domain parking. It is crucial for businesses to be aware of these risks and take proactive measures to protect their brand’s reputation.
In conclusion, the rise of cybercriminals registering .AI domains of trusted brands for malicious activity is a significant concern. The vulnerabilities posed by lookalike domains and the high number of third-party registrations necessitate immediate attention. Businesses must prioritize rapid detection and deactivation of confusingly similar domains to prevent potential damage to their brand reputation and protect unsuspecting individuals from falling victim to cybercrime.