As a long-established online attack strategy, phishing remains a popular tool for fraudsters because of its effectiveness. The Anti-Phishing Working Group reported more than 300,000 distinct phishing attacks in December 2021 -- more than three times the number reported in early 2020, and the highest monthly total ever identified. more
We've all heard the term, "you're only as strong as your weakest link." Whether talking about a tug of war on the playground, a sports team, or a business, this rings as true as ever. Every business relies on a series of suppliers and vendors -- be it the dairy farm supplying milk to the multinational food manufacturer or the payment systems that retailers use. These links form supply chains that every business, large and small, deals with. There is simply no way around it. more
A web domain name is the foundational piece of internet property allowing its owner (registrant) to construct and host an associated website. On a domain, the owner is also able to construct whatever subdomains they wish -- a process that is technically achieved via the configuration of records on the authoritative domain name system (DNS) server. more
Domain security is a critical component to help mitigate cyberattacks in the early stages - your first line of defense in your organization's Zero Trust model. According to the Cybersecurity and Infrastructure Security Agency (CISA), most cyberattacks - including ransomware and business email compromise (BEC) - begin with phishing. Although losses due to ransomware now exceed billions annually, most ransomware protection and response measures don't adequately address phishing risks in the early stages of an attack because they don't include domain security measures to protect against the most common phishing attacks. more
Hackers are using company domain names for malicious attacks more than ever before. Established research shows that phishing and related malware attacks most commonly occur from a compromised or hijacked legitimate domain name, a maliciously registered, confusingly similar domain name, or via email header spoofing. Domain security intelligence is the first line of defense in preventing domain cyberattacks. more
Is it really 2022? Is it? Although many might view 2021 as another "lost" year due to the pandemic, filled with Zoom™ meetings, virtual conferences, working from home and restricted travel - there were a number of notable domain name stories which deserve to be highlighted. So, without further ado, here are the top 10 biggest domain name stories of 2021 - let's go! more
In the 2021 Domain Security Report, we analyzed the trend of domain security adoption with respect to the type of domain registrar used, and found that 57% of Global 2000 organizations use consumer-grade registrars with limited protection against domain and DNS hijacking, distributed denial of service (DDoS), man-in-the-middle attacks (MitM), or DNS cache poisoning. On average, the adoption of domain security controls is two times higher for enterprise-class registrars than for those using consumer-grade registrars. more
Domain brand squatting can be defined as the unauthorized or dishonest use of a brand or company identifiers in domain names. It is often linked to the use of look-alike domains in bad faith, and we see it all the time. The threat actors behind these domains are called different names, though a prevalent one would be “typosquatters.” The Hot on the Trail of Compulsive Brand Squatters webinar showcased how these people are infiltrating the Internet. The first page of PhishTank’s valid phish search alone as of this writing tells us that domain brand squatting is a real and present danger. more
According to the Cybersecurity and Infrastructure Security Agency (CISA), most cyberattacks, including ransomware and business email compromise, begin with phishing. Although losses due to ransomware now exceed billions annually, most ransomware protection and response measures don't protect against the most common phishing attacks. Established research shows that phishing attacks most commonly occur from a maliciously registered, confusingly similar domain name, a compromised or hijacked legitimate domain name, or via email header spoofing. more
With cybercrime on the rise, companies in 2021 have experienced increased ransomware attacks, business email compromise (BEC), phishing attacks, supply chain attacks, and online brand and trademark abuse. While domain cyber risk is rising, the level of action being taken by Forbes Global 2000 companies to improve their domain security posture has remained unchanged, leaving these companies exposed to even more risk. The risk of not addressing your domain security can be catastrophic. more
A World-Renowned Source for Internet Developments. Serving Since 2002.