New TLD .zip being abused

As discussed on one of our podcasts, we have a whole new slew of domains that once belonged to Google but now belong to Namecheap, if I remember correctly.

One of them is the .zip domain. Domains like this may be confused with actual file extensions like zip, exe, com and others. The difference with com is that it has been around for a very long time, so it causes no major confusion.

PhishLabs has an article out titled "Cyber Defense Magazine: New PhishLabs Research Details .ZIP Abuse", which should be read.

While .com domains have been abused, we've seen other abuses of TLDs like .top, .net, .shop, and even .email.

At one point, I had the entire .shop domain blocked because most of what I've seen from it is spam or phishing attempts.

I'm also seeing lots of .net and .com abuse, but that we've expected.

Look-alike domains using common file extensions are increasingly used to enhance the perceived legitimacy of cyber threats. According to the latest data from PhishLabs, TLDs using familiar terms like .zip have seen an increase in abuse, with New TLDs .app and .shop demonstrating a 200% and 387% increase in activity, respectively.

Think about that! .shop is now up 300 percent in abuse! I know of a few legitimate .app domains, so I'd hate to have to resort to blocking those, but .shop domains are so cheap that they're pennies on the dollar, so to speak, at least for the first year.
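The trade-off described above (blocking a whole TLD while sparing the few legitimate domains on it, and spotting names that look like files but are hosts) can be sketched as a small mail-text filter. This is an added example, not code from this blog or from PhishLabs; the TLD lists, the allowlisted domains and the sample message are all constructed assumptions.

```python
import re
from urllib.parse import urlsplit

# Assumed policy for illustration; none of these lists come from the post or the article.
FILE_EXT_TLDS = {"zip", "mov"}                       # TLDs that are also file extensions
BLOCKED_TLDS = {"shop", "top"}                       # TLDs blocked wholesale
ALLOWED_DOMAINS = {"goodstore.shop", "example.app"}  # constructed known-good exceptions

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.I)
# Bare names such as "invoice.zip" that mail and chat clients may auto-link as hosts.
BARE_RE = re.compile(
    r"(?<![\w/@.-])([a-z0-9-]+(?:\.[a-z0-9-]+)*\.(?:%s))(?![\w.-])"
    % "|".join(sorted(FILE_EXT_TLDS)), re.I)

def classify_host(host):
    """Return 'allow', 'block' or 'review' for a hostname."""
    host = host.lower().rstrip(".")
    labels = host.split(".")
    # Simplification: last two labels; production code should use the Public Suffix List.
    if ".".join(labels[-2:]) in ALLOWED_DOMAINS:
        return "allow"
    if labels[-1] in BLOCKED_TLDS:
        return "block"
    if labels[-1] in FILE_EXT_TLDS:
        return "review"
    return "allow"

def scan_message(text):
    """List (name, verdict, kind) for every non-allowed host or host-like name."""
    findings, url_spans = [], []
    for m in URL_RE.finditer(text):
        url_spans.append(m.span())
        try:
            host = urlsplit(m.group(0).rstrip(".,;:!?)")).hostname or ""
        except ValueError:          # malformed URL, e.g. broken IPv6 brackets
            continue
        findings.append((host, classify_host(host), "url"))
    for m in BARE_RE.finditer(text):
        # Skip file names that are only part of a URL path or query string.
        if not any(s <= m.start() < e for s, e in url_spans):
            findings.append((m.group(1).lower(), "review", "bare-name"))
    return [f for f in findings if f[1] != "allow"]

# Constructed sample message.
SAMPLE = (
    "Track your order: https://cheap-deals.shop/track?id=1\n"
    "Receipt at https://goodstore.shop/r/42 and attached as invoice2024.zip\n"
    "Mirror https://files.example.zip/get, docs https://example.com/a/report.zip\n"
)

if __name__ == "__main__":
    for finding in scan_message(SAMPLE):
        print(finding)
```

The allowlist is checked before the TLD block, so a known-good .shop or .app domain survives a wholesale block, while a file name that only appears inside a URL path on an ordinary domain is not flagged.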

The article links to a report which you’re welcome to read, but the article by itself is interesting enough.

What do you think?
