A US-based anti-spyware company has registered the “.com.au.com” domain name, which experts say could be used by cybercriminals to create convincing phishing attacks.
For example, typing in www.google.com.au.com or www.commbank.com.au.com will lead you to an anti-spyware download page, as will all other URLs ending with “.com.au.com” or “.org.au.com”.
Users who accidentally add .com to the end of an Australian domain will also be redirected to a fake anti-spyware site.
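A check that a mail or web proxy filter could apply to the pattern described above, as an added example that is not part of the original article: it flags hostnames where an Australian second-level suffix such as com.au sits in the middle of the name instead of at the end. The suffix list, function names and sample URLs are constructed for illustration.

```python
from urllib.parse import urlsplit

# Assumption: a small hand-picked set of Australian second-level suffixes.
# A production filter would use the full Public Suffix List instead.
AU_SUFFIXES = [("com", "au"), ("org", "au"), ("net", "au"),
               ("gov", "au"), ("edu", "au")]


def find_embedded_au_name(hostname):
    """Return (implied_name, trailing_labels) if an .au suffix is followed
    by further labels, e.g. ('commbank.com.au', 'com'); otherwise None."""
    labels = hostname.lower().rstrip(".").split(".")
    for suffix in AU_SUFFIXES:
        n = len(suffix)
        # Start at 1 so a label precedes the suffix; stop early so at
        # least one label follows it (the suffix is not the real ending).
        for i in range(1, len(labels) - n):
            if tuple(labels[i:i + n]) == suffix:
                implied = ".".join(labels[i - 1:i + n])
                trailing = ".".join(labels[i + n:])
                return implied, trailing
    return None


def scan_urls(urls):
    """Return (url, implied_name, trailing_labels) for each flagged URL."""
    hits = []
    for url in urls:
        host = urlsplit(url).hostname
        if not host:
            continue  # no parsable hostname, nothing to check
        match = find_embedded_au_name(host)
        if match:
            hits.append((url, match[0], match[1]))
    return hits


# Constructed sample input: two genuine names and three lookalikes.
SAMPLE_URLS = [
    "http://www.commbank.com.au/",
    "http://www.commbank.com.au.com/",
    "http://www.google.com.au.com/search",
    "http://example.org.au.com/",
    "http://www.example.com/",
]

if __name__ == "__main__":
    for url, implied, trailing in scan_urls(SAMPLE_URLS):
        print(f"{url}: looks like {implied} but continues with .{trailing}")
```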
Bradley Anstis, vice president of security firm Marshal, was concerned about the new development. “This one is pretty worrying really; I think it sends a very strong message to domain registrars, how they can allow a top level domain to be registered as a secondary level domain is clearly beyond me.”
Although the domain is redirecting traffic to the fake spyware page, Anstis claims that more specific attacks are possible.
The au.com domain is owned by Australian domain name reseller and hosting provider Net Registry. According to ZDNet Australia, the auDA (Australian Domain Name Administrator) could take legal action over the domain.
Security firm F-Secure has analysed the “anti-spyware” program and confirmed that the software was fake. Patrik Runald told ZDNet: “when you scan your PC it will always find something to complain about … to clean anything you need to register your e-mail address and then it asks you for your credit card.”