Since major brands began digitizing their communication channels, websites have become the main source of sales. Because of this, and other global contexts such as the pandemic that has accelerated internet use, fraud of this type has become a recurring crime.
The National Cybersecurity Institute explains that squatting can be carried out in various ways. Some of these are the following:
Addition: Adding a character to the end of the domain name "incibes.es".
Substitution: One character in the domain name is changed to another "incive.es".
Homographic: A character is replaced with another that is similar at first glance, "inclbe.es". This technique can also use different alphabets whose characters are similar to the Latin alphabet "incíbe.es," when in fact they may belong to another alphabet, such as Cyrillic.
Hyphenation: This consists of adding a hyphen somewhere in the domain name "inci-be.es."
Insertion: A character is added between the first and last characters of the domain name "incinbe.es."
Omission: A character is removed from "incbe.es."
Subdomain: This consists of registering a domain name with a partial name of the legitimate domain and adding the remaining characters through a subdomain "inci.be.es."
Transposition: Alternating the order of the characters in the domain name "inicbe.es."
Domain change: A free domain is used but using the same domain name "incibe.eu."
Other: Some other techniques used include adding a "w" at the beginning of the name or a "com" at the end, such as "wwwincibe.es" or "incibecom.es."
To avoid this type of confusion, it is recommended to verify the correct URL of the site you are trying to reach, pay attention to the link where personal data is entered, and take a screenshot to provide evidence if necessary. Do not open links or emails that mimic a brand; the link may be fraudulent.