201901.14

Attack on WeTransfer: beware of malwares!

Our Online Brand Protection service reports a new large-scale attack on the electronic documents transfer specialist WeTransfer.
We have identified that emails similar to those of WeTransfer are currently being mass-mailed, with a download link very similar to the URLs used by WeTransfer:
The attack works in a very simple way: hackers simply registered the domain name vvetransfer.com, with two “Vs” instead of a “W”. At first glance, the average internet user will not make the difference easily!
The links we have identified download unreliable files, which may contain dangerous elements for your computers and data. We strongly recommend that you do not download these files if you are not sure if you should be receiving documents through WeTransfer, and from whom.
What is typosquatting?
Typosquatting is a form of cybersquatting which relies on typos and spelling mistakes. In practice, the typoquatters register domain names which spelling or phonetics mimic those of a high-traffic website or a well-known brand.
How to fight?
IP Twins offers a number of solutions to protect your brand and your consumers from these attacks: domain name monitoring, SSL certificates, security policies on domain names… Do not hesitate to contact your account manager for any information request.

About IP Twins

  • IP Twins is an ICANN-accredited domain name registrar with 15 years of experience in domain name strategy and management. We represent trademark holders in UDRP proceedings.
  • IP Twins also offers anti-counterfeiting and anti-cybersquatting monitoring services. Detective, our monitoring software, identifies online counterfeits and cybersquatting. We collect evidence and remove references to counterfeits from hundreds of marketplaces, social networks and the web in general.
  • Should you need to complete these investigations, our team based in China can help.
  • Do not hesitate to contact us.