Understanding fraud and abuse: how to protect yourself online

Cybercrime is big business. In fact, as an industry, cybercrime is predicted to be worth $10.5 trillion by 2025, which is the largest transfer of economic wealth in history, exceeding the trade of illegal drugs.

The industry is rapidly growing, and crimes are becoming more sophisticated. We all are vulnerable to cybercrime, not just the big businesses that are equipped with extensive IT security teams and can afford to cover their losses.

While we can all encounter incidents of fraud or abuse online, knowing how to act can be difficult without training or expert advice. In this guide, you will learn how to notice different types of incidents, who to report them to, and some of the best remedial actions and preventive measures you can take.

Finding the best response

It’s not always clear what we should do when we come across, or fall victim to, incidents of fraud and abuse online. Who should you report it to and how can you deal with the problem?

This may involve the domain registrar, hosting provider, or email hosting of the offending site. Find out more information on what these are and how to report a fraudulent website.

Domain registrars do not usually have the ability to investigate abusive content. When content is on third-party servers, registrars cannot take action since it is hosted elsewhere. Therefore, if the primary concern of the reported issue is related to the content, a more effective solution would be to report it to the hosting provider.

If you have a concern about a domain registered with Namecheap or hosted on our servers, you can submit a ticket to our Legal & Abuse team.

Types of online fraud and abuse

In the vast space of the Internet, we can find many different types of fraud and abuse. We will provide the basic facts on the main types and the best ways to deal with them. Here is a rundown of the fraud and abuse we are looking at:

  1. Phishing
  2. Malware
  3. Fraud/scams
  4. Whois inaccuracy
  5. Email abuse/spam
  6. Hacking activity/network attacks
  7. Trademark infringement & copyright/DMCA
  8. Illegal pharmacy/controlled substances
  9. Prohibited/illegal content
  10. Online child abuse

1. Phishing

A common cybercrime in recent years, phishing is those deceptive emails that are sent out under false pretenses. They contain links that claim to be for various purposes, but when you click on the link, you could soon find malware downloading to your system and potentially your entire network of computers.

Phishing emails can also be attempts to get unsuspecting recipients to disclose personal information to be used for fraudulent purposes or as part of a large-scale cyber attack.

Similar variations include vishing (voice-phishing), where malicious actors cold call their victims and try to get them to disclose sensitive information, and Smishing, which is the same via SMS messages.

How to respond:

You might notice phishing emails as suspicious-looking URLs that are similar to, but not the same as, well-known, legitimate sites. When someone in your organization has fallen prey to a phishing email, Malware could quickly spread across the system and network.

You should report phishing incidents to the hosting provider and domain registrar of the site in question, though the former is of greater importance.

When you report the incident, try to provide the following information in relation to the site or incident:

  • Domain Name
  • URL
  • Website targeted in the attack
  • Country your IP address belongs to (the content may be geo-blocked, so we can try using the corresponding proxy)
  • User-agent (mobile phone, PC) and browser (the content may vary depending on the device and software)

Security steps:

If a legitimate organization has been spoofed in a phishing attack, you should let them know about how their name and brand have been misused.

In response to a phishing attack, you should change your passwords as sensitive data may have been shared. You should also run malware scans to check that malware has not been downloaded as a result of someone unknowingly clicking on a malicious link.

Phishing attacks can be persistent, so the best preventive measure is to keep your employees trained and ready. It’s easy to be tricked and click on a dangerous link, but this is less likely to happen when you know the tell-tale signs of phishing and security best practices.

2. Malware

Malware is any kind of malicious software or code that can cause damage or non-standard behavior to a computer system. The objectives of malware may be to extort money, embed forced advertising, or hijack and alter system functions. It may also gain access to sensitive information in order to steal, delete, or encrypt it.

Malware can find its way into computer systems in various ways, such as when a link is clicked on in a phishing email or false online advertising.

Here are some signs that indicate the presence of malware:

  • Internet becomes sluggish
  • Programs take a lot of time to load
  • The cursor can be dragging several seconds behind your mouse
  • Intermittent ads appear on the screen
  • Free disk space decreases for no reason
  • New toolbars, extensions, or plugins are suddenly found in the browser

How to respond:

You should report malware incidents to the site’s hosting provider and domain registrar. Reporting to the hosting provider is a higher priority.

Try to provide the following information when you report malware:

  • Domain name used for malware
  • URL where the malicious file/code is located

Security steps:

If you suspect that a device is infected with malware, you should disconnect it immediately to prevent the malware from spreading. Contact a security specialist for further help and try to recall your activity before you were made aware of the problem. If possible, restore your files from backups.

Preventive measures against malware include ensuring you follow authentication methods, monitoring for suspicious activity, using the principle of least privilege, and installing effective antivirus, anti-spyware, email security, and anti-spam programs.

3. Fraud/scams

Frauds and scams are similar crimes that involve the displacement of finances through fraudulent means. This could be the theft or misuse of bank details to access money or deceiving a victim into making a payment to a criminal group.

How to respond:

You should report fraud and scams to both the offending website’s domain registrar and hosting provider.

When reporting incidents of fraud or scams, the following information for the website or company involved may be useful:

  • Domain name
  • URL
  • Paid invoices or receipts
  • Screenshot of webpage or pages
  • Emails with full header and body (in the case of email fraud)

Security steps:

You should limit any interaction with people you believe are engaging in fraud or scams and not conduct further transactions. If possible, you should save all the documents provided to you by these parties.

Always contact your bank to cancel or disable lost cards and report any stolen checks or account numbers. Search for unauthorized accounts opened in your name, loans you didn’t take out, credit inquiries you never made, or any other suspicious activity.

You can report potential identity theft cases to the FTC and file a complaint through the Internet Crime Complaint Center. It could also be a good idea to inform your lawyer and local authorities.

4. Whois inaccuracy

Whois is the authority that operates the global directory of domains. Unfortunately, it may be the case that domain registrations are false, incorrect, or outdated.

This can happen due to human error or information that has changed over time without being updated. Also, some registrants intentionally enter false details because they wish to remain anonymous.

You can find out more about Whois inaccuracy from icann.org.

How to respond:

If you come across any Whois inaccuracy, you should report this to the domain registrar of the site it concerns.

You may need to provide the following evidence when reporting incidents of Whois inaccuracy:

  • Domain name
  • Incorrect contact details

Security steps:

There are no steps to take to prevent Whois inaccuracy in other registrants, but you can ensure your details are correct and updated.

For domain owners, it’s a good idea to use a reliable Whois protection service to avoid any inaccuracies.

5. Email abuse/spam

Spam is any promotional messages you received that you did not consent to. It is also an acronym for Special Processed American Meat that was popular during the second world war, and the use of the word in regard to email abuse comes from a Monty Python comedy sketch.

Spam can be emails or other forms of mass communication that are unsolicited and misleading. It is most often sent in the form of commercial emails sent out to a large number of addresses.

Spam emails may use spoofing, which is when the email purports to be from a different individual or company to provoke a response. Spam sometimes promises a special offer or prize for recipients.

How to respond:

You should report spam or email abuse to the offending site’s hosting provider. Evidence needed when reporting email abuse includes the following:

  • "From" Address
  • "To" Address
  • Full Email Headers
  • Email Content

In the following articles, you can find out more about using and understanding email headers and how to find email headers.

Security steps:

It’s a good idea to use a spam filtering tool to ensure your inboxes are not clogged with suspicious emails and use effective antivirus and anti-malware software. For a workforce, education is the best way to raise awareness and improve security practices.

6. Hacking activity/network attacks

A network attack is an attempt by an unauthorized user to gain access to the victim's computer with malicious intent. This could be an attempt to infect the computer, exploit or destroy its resources, or steal confidential information. Generally, network attacks are either passive, where information is monitored, or active, where information is altered with the intent to corrupt or destroy the data or the entire network.

How to respond:

You should report incidents of hacking or network attacks to the site’s hosting provider. You may be asked to submit the following details in relation to the attack:

  • Domain Name
  • URL
  • IP address
  • Date and time that the abuse took place
  • Full unmasked log of the attack generated by your firewall (including source and destination IPs/domains, user-agent, timestamps, and time zone)

Security steps:

Networking and other cyberattacks can be manifested in various ways, which is why monitoring and maintaining strict security measures is imperative at all times. You should immediately contact your IT security team if you have noticed any suspicious or unusual behavior.

7. Trademark infringement & copyright/DMCA

Trademark and copyright are ways that an organization’s name and work are protected legally. A trademark is the rights to a word, phrase, symbol, or design that identifies a company, whereas copyright is the protection of a company’s intellectual property, or original work.

When an external party makes unauthorized use of a trademark or copyright, this is a violation known as trademark or copyright infringement.

Copyright infringement claims regarding material published online are covered by a United States copyright law, the Digital Millennium Copyright Act (DMCA).

Please note that if content covered by copyright/trademark policies is used for fraud or phishing, it is best to report it as fraud or phishing along with the corresponding evidence.

Check out Namecheap's Copyright and Trademark Policies for everything you need to know.

How to respond:

In the cases where violations concern the domain name, you should report this to the domain registrar, but where content is involved, you should report it to the hosting provider.

Copyright and DMCA issues should be reported to your hosting provider.

When you report copyright or trademark issues, it’s best to have the following information prepared:

  • For copyright/DMCA, an official DMCA Takedown Notice that meets all the DMCA requirements set out in our Copyright and Trademark Policies.
  • For trademark infringement, a formal notice of a trademark complaint that meets all the requirements set out in our Copyright and Trademark Policies.

Security steps:

You can protect your intellectual property and brand with a patent. Once you have registered your trademark, you can employ monitoring tools to check that identical brands do not copy yours, which may lead to a domain name dispute. Due to the DMCA, copyright infringement is easier to take action against. If you have evidence of an infringement, the other party is likely to remove the material in question when you get in contact.

8. Illegal pharmacy/controlled substances

You may come across websites selling medicine that is counterfeit, outdated, or available without a prescription. It is best to gather information on the website concerned and report the illegal activity.

How to respond:

You should report online activity concerning illegal pharmacy or controlled substances to the site’s domain registrar and hosting provider.

You may need the following information for reporting this type of website:

  • Domain name
  • URL
  • Screenshots of webpages

Security steps:

It’s important to be wary of the dangers of the Internet and be ready to thoroughly scrutinize all the online content and businesses we encounter. When it comes to pharmaceutical products, there are some signs that may suggest a website is not genuine.

If a website offers very low prices, uses spam techniques, or does not ask for prescriptions from a doctor, then it may not be a legitimate site. You can check that the site is registered with authorities like the U.S. Food and Drugs Administration (FDA) or that it carries the seal of the Verified Internet Pharmacy Practice Sites (VIPPS). The FDA also offers the BeSafeRX tool for staying aware of and avoiding illegal medical sites.

9. Prohibited/illegal content

It is possible to find content on the internet that is immoral, illegal, or disallowed for different reasons. These may include the following:

  • Cruelty to humans and animals (bestiality)
  • Terrorism, violence, or hate crimes
  • The sale of stolen cards
  • The sale of forged money, documents, or fake identification

How to respond:

When you come across such content or activity online, you should report it to the domain registrar and hosting provider of the site in question.

You should provide the following information when reporting the content:

  • Domain name
  • URL

Security steps:

It’s a good idea to use a content-based filtering system, which should be a part of your internet firewall. This will block any illegal or potentially dangerous content from your network.

Currently, online platforms are mainly subject to local laws when it comes to restricted content. But this could be all about to change with the introduction of the European Union’s Digital Services Act, which is set to regulate the content and activity of “gatekeeper” websites, such as Facebook. This will limit the posting of illegal, offensive, or abusive material.

10. Online child abuse

This is a particularly upsetting form of abuse, but unfortunately it takes place in the world.

If you notice any content that depicts a child or young person being abused, neglected, or put at risk, you should report this immediately.

While child abuse is a type of prohibited/illegal content, at Namecheap we treat this as a separate category of abuse.

Child abuse includes physical, sexual, and emotional abuse. It can be defined as any means of depicting or promoting sexual abuse of a child, including print and/or audio, centered on sex acts or child pornography.

How to respond:

You should report this to both the site’s domain registrar and hosting provider. You should provide the following information relating to the website concerned:

  • Domain name
  • URL

Security steps:

There are no preventive measures you can take to reduce this kind of abuse. But you should always report any possible cases of online child abuse that you see to prevent it from happening again.

Best practices

There are many actions you can take to improve security in your business. Given the increasing frequency and damaging consequences of cybercrime, introducing these will surely pay off.

9 best security practices

  1. Keep both your hardware and software regularly updated.
  2. Carry out regular audits and backups of your data.
  3. Use reliable systems of authentication, such as multi-factor authentication (MFA).
  4. Adopt a robust password policy, possibly with the use of password management software, so passwords are always strong and are not shared between employees or contractors.
  5. Always use effective antivirus, anti-malware, anti-spyware, and email filter software.
  6. Introduce the principle of least privilege, so employees and contractors are only given the access and privileges they directly need.
  7. Secure your perimeter with a reliable firewall and use a VPN for employees working remotely.
  8. Introduce a clear security policy for all employees and ensure that it is strictly followed. This should include policies that cover remote working practices, contractors, and mobile devices.
  9. Ensure that everyone at your company receives the security training they need so your risks are minimized.

You can find out how to prevent your hosting account from being attacked and some additional tips and general recommendations to increase security in this article.

If your website is built on WordPress, please also refer to this WordPress website security guide for additional advice.

These tips can help to decrease your chances of getting hacked, and if you become a victim of online abuse, there are steps that can also be followed as the first stages of mitigation.

Final thoughts

Every day the world is more connected and more industry is transferred to the Internet. This is an excellent sign of advancement, but it brings with it an unavoidable criminal element. Cybercrime is growing as fast as every other technology, and in the cases where people cannot keep pace with this growth, there is the potential for loss.

There is a greater requirement for more people to understand cybersecurity fundamentals, but for those who haven’t received extensive training, this can be challenging. Security is essential for everyone in the Internet age, and that means learning to be wary of Internet abuses and how to respond in the best ways.

By reporting internet abuses that we encounter, we also prevent others from falling victim to cybercrime. Once we’re ready to deal with the bad apples, then we can enjoy the great things the Internet brings us.


Robert O'Sullivan

Robert O'Sullivan

More articles written by Robert.

Join Our Newsletter

Stay inspired

Get all the latest offers, articles, and industry news straight to your mailbox every month.

Need help? We're always here for you.