EL PASO, Texas (KTSM) – The FBI is warning the community to beware of cyber actors who are creating fake website domains to spoof U.S.-based airport websites.
On Wednesday, Cyber Supervisory Special Agent Conal Whetten spoke to the press about the risks these crimes pose for airports, travelers, and the aviation industry as a whole.
According to Whetten, website domain spoofing is the act of creating a fake website with the intent to mislead users by assuming the identity of a legitimate group or organization, like a popular social media site or online retailer.
“They do this to steal personal and business data, and U.S. airports are an attractive target for cyber actors because there is a rich environment of business and personal information,” said Whetten.
“Cyber actors can capitalize on this sector by creating spoof domains and Wi-Fi networks, which can trick both passengers and airport operators into interacting with malicious websites or emails.”
The spoofed domains mimic legitimate domains by making slight character changes within the domain, or by associating another domain with similar characters to a legitimate one.
According to Whetten, spoofed domains are used to spread malware which can compromise a user’s personal or business data and ultimately result in financial loss or identity theft.
This poses an enormous risk to the aviation industry and its stakeholders.
“Over 96 percent of companies suffer from domain spoofing attacks in one form or another,” said Whetten.
Hackers can change user password information once the user’s device is infiltrated that can kick the legitimate users out of their own accounts.
“They can use your social media lists to scam your friends and family, even order fraudulent purchases from online businesses, ultimately leaving you with the bill,” said Whetten.
Whetten says the best way to prevent being a victim of cybercrime is to practice good online hygiene:
- Never open an attachment or click a link from an unknown sender
- Verify domains in your browser
- Use multi-factor authentication where possible
- Update anti-malware and anti-virus software and conduct regular network scans
- Disable or remove unneeded software protocols, portals