Netcraft Report Surfaces Spike in Online Healthcare Product Scams – Source: securityboulevard.com

A report published today by Netcraft, a provider of cybersecurity services, finds the volume of online scams relating to healthcare that are emanating from inexpensive top-level domains (TLDs) is spiking—accounting for as much as 60% of daily domain registrations.

Robert Duncan, vice president of product strategy for Netcraft, said that while these types of online scams are not new, it’s apparent that criminals are taking advantage of TLDs they can acquire at a much lower cost than, for example, a .com domain, to launch them.

In general, online scams manifest themselves intermittently as different cybercriminals adopt different tactics and techniques. The Netcraft report suggests healthcare scams are currently in vogue.

For example, one scam involves impersonating organizations such as Fox News, the Daily Mail, The Today Show and the New York Times that focus on health products backed by the judges from the popular TV series Shark Tank (in the U.S.) or Dragons’ Den (in the UK).

Netcraft claims it is helping customers block more than 7,000 such health product scams per month by monitoring TLDs and certificate transparency logs. The perpetrators of these crimes are typically looking for a way to convince unsuspecting customers to make credit payments for goods and services that are made available at prices that are typically too good to be true. Most of the advertising for the offerings is conducted over social media platforms such as Facebook using stolen credentials. Those compromised Facebook accounts are then used to bulk-post images and videos advertising the products, complete with tagging friends, to lure in other unsuspecting victims.

As such, consumers should approach every online offer being made with a healthy dose of skepticism that includes checking the domain name through which it was made, said Duncan.

Of course, there are legitimate businesses operating using inexpensive domain names but, unfortunately, cybercriminals are exploiting these domains to be point where every organization that uses one will be greeted with increasing suspicion. Many will find potential customers have simply banned any traffic emanating from those domains.

Creating an online presence using an inexpensive domain is not in itself illegal, but with the rise of generative artificial intelligence (AI) tools it will become easier to create online scams involving offers involving everything from consumer products to real estate transactions. These scams are not necessarily any different than similar scams that have been perpetrated for decades. The only real difference is the level of scale at which they are being launched.

Ultimately, these types of scams will condition customers to narrow their purchasing option to a smaller number of larger entities that have trusted domains. That may not necessarily be the best thing for consumers when it comes to finding the best price but given the potential risk most of them will naturally rather be safe than sorry.

In the meantime, providers of legitimate goods and services might want to brace themselves for more instances of their brands being hijacked for nefarious purposes by cybercriminals that can access to a domain name for as little as dollar a year.