There has been a surge in health product scams leveraging inexpensive top-level domains (TLD). These campaigns, reaching up to 60% of a TLD’s daily domain registration, employ tactics reminiscent of cryptocurrency investment scams.
In a recent report by Netcraft, the modus operandi of these scams involves the creation of fake news articles impersonating reputable organisations like Fox News, the Daily Mail, The Today Show, and the New York Times. Notably, the latest wave centres around health products purportedly endorsed by judges from TV series such as Shark Tank in the United States and Dragons’ Den in the United Kingdom.
The fraudulent articles, laden with false claims, lead users to landing pages through affiliate links. The products advertised include weight loss gummies, skin care creams, erectile dysfunction supplements, and teeth whitening kits.
While the products themselves may be legal, the misleading information in fake news articles and aggressive affiliate marketing have prompted consumer warnings from authorities, such as the Federal Trade Commission in the US.
Social media platforms, particularly Facebook, have become a hotbed for these scams. Compromised accounts, obtained through phishing websites, are then used to mass-post images and videos advertising these products, often tagging the compromised users’s friends to maximise reach.
The report delves into the role of the TLDs in facilitating these campaigns. Contrary to the 1994 RFC 1591 declaration that deemed it unlikely for new TLDs to emerge, the current landscape is inundated with generic TLDs.
Registrar gen.xyz offers domains for as low as $0.99 per year, allowing cybercriminals to spread their campaigns over a large number of domains cost-effectively.
One specific TLD highlighted in the report is .sbs. Originally registered by the Australian Special Broadcasting Service (SBS), it was later acquired by ShortDot and relaunched as a gTLD. Priced at $0.99, .sbs witnessed a drastic increase in health product scams, with 6,725 distinct IP addresses hosting such scams in July 2023.
Another TLD in the spotlight is .cloud, which Italian company Aruba PEC SpA manages is also available for $0.99; .cloud experienced a surge in health product scams in April and May 2023, peaking at 59.68% of domain registration on May 26th.
The use of randomly generated domain names, such as kemlovkc[.] SBS and ketoepiwuh511[.]cloud adds a layer of complexity, making it challenging to counteract these cyber-attacks.
In the News: UN flags Tether as the go-to for money launderers in SE Asia
