DNS-based Business Impersonation - 2022 Edition | WhoisXML API

White Papers

Mapping the Business Impersonation Landscape through the DNS – 2022 Edition

Business impersonation cost organizations US$2 billion1 in the past year alone, making it one of the most lucrative types of cybercrime. The most common medium to carry out this threat comprises domains and subdomains, mainly in the form of cybersquatting. 

To map the business impersonation landscape, WhoisXML API researchers searched the DNS for the digital footprints of Fortune 500 companies and the world’s top CEOs. Among our findings are:

  • A total of 49,158 domains and subdomains appeared to be impersonating CEOs, organizational departments, and the companies using urgency-inducing keywords.
  • Less than 2% of the web properties could be publicly credited to the legitimate companies.
  • More than half of the resolving properties were geolocated and registered in the U.S.
  • The leading registrar was Public Domain Registry (PDR) Ltd., followed by some of the most popular registrars, including GoDaddy, Mark Monitor, and Namecheap.
  • Four of the top 10 ISPs managing the cyber resources’ IP addresses were among the worst ISPs in terms of spam and botnet infection.
  • Some malicious properties still hosted questionable content, including login forms and look-alike pages.
  • Almost 13% of the cyber resources found were flagged as malicious.

Download the white paper now to learn more or contact us to access the complete set of research materials.

  • [1] https://www.ftc.gov/news-events/news/press-releases/2021/12/ftc-launches-rulemaking-combat-sharp-spike-impersonation-fraud
Try our WhoisXML API for free
Get started