Cybercrime

Cybercrime / Featured Blogs

The ‘Millennium Problems’ in Brand Protection

As the brand protection industry approaches a quarter of a century in age, following the founding of pioneers Envisional and MarkMonitor in 1999, I present an overview of some of the main outstanding issues which are frequently unaddressed or are generally only partially solved by brand protection service providers. I term these the 'Millennium Problems' in reference to the set of unsolved mathematical problems published in 2000 by the Clay Mathematics Institute, and for which significant prizes were offered for solutions. more

Domains Under the Most-Abused TLDs: Same Old DNS Abuse Trends?

While threat actors can use any domain across thousands of top-level domains (TLDs), they often have favorites. For instance, you may be familiar with Spamhaus's 10 most-abused TLDs for spamming. WhoisXML API researchers recently built on this list by analyzing 40,000 newly registered domains (NRDs) that sported some of the listed unreputable TLDs. We called this study "DNS Abuse Trends: Dissecting the Domains Under the Most-Abused TLDs." more

Brand Impersonation Online is a Multidimensional Cybersecurity Threat

Brand impersonation happens much more often than people realize. In CSC's latest Domain Security Report, we found that 75% of domains for the Global 2000 that contained more than six characters from the brand names were not actually owned by the brands themselves. The intent of these fake domain registrations is to leverage the trust placed on the targeted brands to launch phishing attacks, other forms of digital brand abuse, or IP infringement... more

DNSAI Compass: Six Months of Measuring Phishing and Malware

The DNS Abuse Institute recently published our sixth monthly report for our project to measure DNS Abuse: DNSAI Compass ('Compass'). Compass is an initiative of the DNS Abuse Institute to measure the use of the DNS for phishing and malware. The intention is to establish a credible source of metrics for addressing DNS Abuse. We hope this will enable focused conversations, and identify opportunities for improvement. more

The Highest Threat TLDs - Part 2

In the first article of this two-part blog series, we looked at how frequently domains were used by bad actors for phishing activity across individual top-level domains (TLDs) or domain extensions, using data from CSC's Fraud Protection services, powered by our DomainSecSM platform. In this second article, we analyze multiple datasets to determine the highest-threat TLDs, based on the frequency with which the domains are used egregiously for a range of cybercrimes. more

The Highest Threat TLDs - Part 1

A domain name consists of two main elements: the second-level domain name to the left of the dot - often consisting of a brand name or relevant keywords - and the domain extension or top-level domain (TLD) to the right of the dot. Domain names form the key elements of the readable web addresses allowing users to access pages on the internet and also allowing the construction of email addresses. more

Digital Governance in 2023: Revisiting ‘1998 Deals’ and 12 Main Trends

At the beginning of 2023, the good news is that, in spite of all geopolitical tensions, the Internet infrastructure built around TCP/IP continues to carry emails, web pages, videos, and podcasts across the globe. Technically, the Internet remains robust. The bad news is that more and more digital borders will continue to affect the global nature of international digital communication... more

Three Reasons Why CISOs Need to Understand Domain Security

Domain name abuse is one of the most dangerous and under-regulated issues in digital business security today. An attack on a web domain can lead to the redirection of a company's website, domain spoofing, phishing attacks, network breaches, and business email compromise (BEC). Domains used as a company's online world are part of an organization's external attack surface and need to be continuously monitored for cybercrime attacks and fraud. more

The Hack Will Be a Costly Affair for Optus

More and more information is becoming available about the breach of Optus (Australia's second-largest telco). It looks like the hacker is more of an amateur than a professional criminal or a "state actor." This makes the hack even more worrisome. It looks as though Optus didn't have its security house in order. This makes the issue all the more painful for the company. It will dent its reputation, and customers could become somewhat wary about dealing with the company. more

Turning the Tide of Online Scams: Interview With Prof. Jorij Abraham, Global Anti-Scam Alliance

Professor Jorij Abraham has been a part of the international eCommerce community since 1997. From 2013 -- 2017, he has been Director of Research & Advise at Thuiswinkel.org (the Dutch Ecommerce Association) and the European Ecommerce Association with 25.000+ members in 20 countries. He is now Managing Director of Global Anti-Scam Alliance, whose mission is to protect consumers from getting scammed. He is also e-commerce professor at the University of Applied Sciences, TIO. more

Industry Updates

How the SVB and Credit Suisse Crash Was Reflected in the DNS

Subdomain Hijacking Vulnerabilities Report: One in Five DNS Records Are Left in a State in Which They Are Vulnerable to Subdomain Hijacking

Looking for Traces of Social Media-Based Celebrity Scams in the DNS

Uncovering Stolen Card E-Shops Using DNS Intelligence

Black Basta Ransomware DNS Investigation Led to OneNote and Courier Impersonation

Shining the WHOIS and DNS Spotlight on International Fraud

Gauging the Scale of an Active Ransomware Gang’s Infrastructure

Beyond Healthcare IoCs: Threat Expansion and EHR Impersonation Detection

Detecting Malware Disguised as OneNote with Threat Intelligence

Detecting Carder-Friendly Forums through IoC Expansion

SocGholish IoCs and Artifacts: Tricking Users to Download Malware

Profiling a Massive Portfolio of Domains Involved in Ransomware Campaigns

The Fight Against Hive Ransomware May Not Be Done as Yet-Unidentified Artifacts Show

Gauging How Big a Threat Gigabud RAT Is Through an IoC List Expansion Analysis

Sifting for Digital Breadcrumbs Related to the Latest Zoom Attack