Beware: Faux Antivirus Domain Sites

Monday, December 16, 2013 @ 06:12 PM gHale

Make sure you remain aware about who and what your antivirus name and website is all about because cyber bad guys are abusing domain names and creating something similar to the ones of antivirus companies.

Security company High-Tech Bridge used its ImmuniWeb Phishing Monitor module to analyze 946 domains that are similar to the ones of Symantec, Kaspersky, McAfee, Avast, Bitdefender, Avira, Norton, F-Secure, G Data and Panda.

Automated Hacking Tools Visit Login Pages
Malware Targets SAP Users
Chrome Search Leads to Malware
Tough Ransomware Sinkholed

For instance, they targeted domains such as “,” “” or “” They identified 385 domains with 164 of them registered by individuals who want to trick users into accessing phishing websites, advertising sites, or ones that offer shady products and services.

Not to let the bad guys have all the fun, antivirus companies registered 107 of the domains identified by High-Tech in order to prevent abuse. Interestingly, squatters own 73 domains and they hope the IT security solutions providers will buy the names from them.

Not that all companies are bad guys because 41 of the domains ended up registered by legitimate businesses that have similar names to the antivirus companies.

The largest number of fraudulent domains target Symantec (35), followed by the company’s Norton brand (29), Avast (25), Bitdefender (22), and Avira (19).

Most of the websites with fraudulent content ended up hosted in the United States (75), Australia (24), Switzerland (19), Germany (16) and the UK (8).

“Our research clearly demonstrates that cyber criminals do not hesitate to use any opportunity to make money on domain squatting and subsequent illegal practices,” said Chief Research Officer at High-Tech Bridge, Marsel Nizamutdinov.

Leave a Reply

You must be logged in to post a comment.