Researchers have discovered over 300 cybersquatting domains masquerading asAttack.Phishingreal UK banking sites , many of which are designed to trickAttack.Phishingcustomers into handing over personal details . DomainTools used its PhishEye tool to search for domains registered by individuals to mimicAttack.Phishingthose of Barclays , HSBC , Natwest , Lloyd ’ s and Standard Chartered . It found a whopping 324 registered domains abusing the trademarks of these lenders , including lloydstbs [ . ] com , standardchartered-bank [ . ] com and barclaysbank-plc [ . ] co.uk . “ Imitation has long been thought to be the sincerest form of flattery , but not when it comes to domains , ” explained DomainTools senior security researcher , Kyle Wilhoit . “ While domain squatters of the past were mostly trying to profit from the domain itself , these days they ’ re often sophisticated cyber-criminals using the spoofed domain names for more malicious endeavors. ” Cybersquatting can be used for a variety of ends , including redirecting the user to pay-per-click ads for the victim company ’ s competitors ; for-profit survey sites , or ransomware and other forms of drive-by malware . However , one of the most common is to createAttack.Phishinga phishing page similar to the spoofed bank ’ s original , which will ask for log-ins or other banking and personal information . This years ’ Verizon Data Breach Investigations Report ( DBIR ) claimed phishingAttack.Phishinghas soared in popularity , present in a fifth ( 21 % ) of attacks , up from just 8 % last year . “ Many [ cybersquatters ] will simply add a letter to a brand name , such as Domaintoools.com , while others will add letters or an entire word such as ‘ login ’ to either side of a brand name . Users should remember to carefully inspect every domain they are clicking on or entering in their browser . Also , ensure you are watching redirects when you are going from site to site , ” advised Wilhoit . “ Brands can and should start monitoring for fraudulent domain name registrations and defensively register their own typo variants . It is better to lock down typo domains than to leave them available to someone else and at an average of £12 per year per domain , this is a relatively cheap insurance policy . ”