Attacks & Threats
Cybersquatting
Also known as: Domain squatting
Definition
Registering domain names that contain trademarks or well-known brand names without authorization, typically to extract money from the rights holder or to deceive users.
Examples
- An attacker registers "acmecorp-support.com" to demand payment from the real ACME Corp or to host phishing.
- Speculators acquire newly minted gTLD domains matching well-known brands hoping to resell them.
Related terms
Typosquatting
Registering domain names or package names that are misspellings or visual look-alikes of legitimate ones, to catch users or developers who make typing or recognition errors.
Domain Hijacking
The unauthorized takeover of control over a registered domain name at the registrar or registry level, allowing an attacker to redirect traffic, email, and trust to malicious infrastructure.
Phishing
A social-engineering attack in which an attacker impersonates a trusted party to trick a victim into revealing credentials, transferring money, or running malware.
DNS Hijacking
An attack that redirects DNS resolution to attacker-controlled answers by modifying client settings, router configurations, resolver responses, or authoritative DNS records.
Supply Chain Attack
An attack that compromises a trusted third-party software, hardware, or service provider in order to reach its downstream customers.
Business Email Compromise
A targeted fraud in which an attacker impersonates or takes over a corporate mailbox to trick an employee into wiring money, changing payment details, or sending sensitive data.