It's funny because I own such a domain. A large financial institution in my country changed its main domain name to something that had a very clear potential for a typo.
I informed them, was ignored and just registered the domain myself. I'm showing a large banner and added GDPR friendly analytics (Vince, I like its simplicity and efficiency). I'm getting a couple of victims every day.
Maybe this is a sign to get in touch again with them and if they ignore me, just publish it.
Update: they responded to my disclosure with a canned response "there was not enough information to answer your question, please go through our contact form again". I guess that's an invitation to publish.
So here is the primer:
the Belgian National Lottery used to be e-lotto.be. They decided to change (in French) to loterie-nationale.be. You might notice that in Belgium lotto has 2 T, same for "lottery" in English while the organization is "Loterie Nationale" with 1 T.
They didn't register lotterie-nationale.be. I suggested it to them, got ignored. So I did it. If you go there now, you'll get a banner informing you about your mistake. I have a couple of victims every day, a lot more on Friday 13 etc.
There was a recent scandal that our former Finance Minister is accused of money laundering 800,000€ through that platform, so it's not a small website.
Damn, OVH broke the TLS. I migrated it to my server and it's not properly served with a valid TLS. I'll let it run for a few days before publishing the details and insisting at their security contact point.
Thanks
It's not a bank or payment provider per se but still processing a large amount of money. I sent them a new notification. I hope that they won't take too much time to respond.
I informed them, was ignored and just registered the domain myself. I'm showing a large banner and added GDPR friendly analytics (Vince, I like its simplicity and efficiency). I'm getting a couple of victims every day.
Maybe this is a sign to get in touch again with them and if they ignore me, just publish it.