Threat Intelligence

Host to IP and DNS Analysis of Dozens of Fortnite-Inspired Typosquatting Domains

Captain America arrived on Fortnite in time for the 4th of July celebration. This announcement was big news to the gaming community, with search terms such as "fortnite captain america skin" and "fortnite captain america" significantly rising in popularity on Google in the past week. more

Bulk Domain Lookup of 3,000+ NRDs with “Deal” Word Strings Appearing Days before July 4

The U.S. Independence Day comes with both fireworks and the best deals. On this holiday, retailers usually offer big discounts. At this time when people may opt to shop online, several publications like TechRadar and Business Insider even curated a list of 4th of July deals from different retailers. more

Bulk WHOIS Lookup of Florida SMMC Lookalike Domains Shows Signs of Typosquatting

A bulk whois lookup of domain names similar to the official website of the Florida Statewide Medicaid Managed Care (SMMC) Program -- www[.]flmedicaidmanagedcare[.]com -- indicates that a typosquatting event, or a cybersquatting one at the very least, might be at play. more

Hundreds of Election-Related Domain Names Seen as 2020 U.S. Elections Nears

Even as the world continues to tackle the coronavirus pandemic, essential events just can't be delayed. The U.S. presidential elections will continue to take place on 3 November 2020. more

Upward Trend Seen in “All Lives Matter,” “BLM,” and “Protest” Domain Registrations

George Floyd passing away while being arrested in Minneapolis, Minnesota, sparked several Black Lives Matter (BLM) protests worldwide. The protests started on 26 May, a day after Floyd's death, spanning states and even countries within a few days. more

Punycode Phishing: Internationalized Domain Names Remain a Threat in 2020

Back in 2018, investigative journalist Brian Krebs warned against the nuances of internationalized domain names (IDNs). These domains, which contain non-Latin characters but appear to do so, can be used to create visual confusions that can become particularly handy in executing credible punycode phishing campaigns. more

WhoisXML API Detects Hundreds of Microsoft-Inspired Typo Domains

Microsoft is among the top technology companies globally and so is in critical need of brand protection. The company name already figured in many phishing campaigns, including Microsoft Office 365 that has been abused several times in business email compromise (BEC) scams. more

Typosquatting Data Feed Can Enhance Lloyds Bank’s Typosquatting Protection

Typosquatting are among the cybersecurity threats that deserve a closer look in the financial sector. In fact, the early detection of typosquatting domains can help financial institutions maneuver away from cyber risks that could cause much damage. But to what extent is this the case? more

60+ PayPal Potential Typosquatting Domains Detected in the Beginning of June

PayPal is still one of the most imitated brands on the Internet. From 1-8 June 2020, the Typosquatting Data Feed detected a total of 64 PayPal lookalike domains. more

Typosquatting Domains Every AppleID Owner Should Avoid

On 29 April 2020, IBM X-Force warned users of an AppleID typosquatting campaign specifically targeting members of the media sector. We sought to dig deeper into these threats and find other relevant domains and IP addresses that users, regardless of industry, may need to steer clear of. more