Domain security is a priority for an investor’s business, and yesterday’s phishing email barrage reinforced that.
Cybercriminals took advantage of an actual domain status, that of suspension by the Registrar.
By customizing the notices to make them appear to be from the respective Registrar of every domain they emailed, they obtained an element of superficial authenticity.
The legitimacy of emails cannot be confirmed by their content alone, and these days there are tools in place to establish whether the email’s source is what it claims to be; Registrars should be signing their DNS zones.
So what are the lessons to be learned from such brazen attempts to confuse domain owners and potentially steal their domains?
- Email is an insecure medium for delivering information; important notices can be mimicked or spoofed.
- The element of surprise is important for the success of phishing email attacks.
- Cybercriminals take advantage of statistical possibilities, by reaching out to a large number of potential victims.
- Domain registrars have no unified or standardized method of delivering their system notices.
- There is very little education on how to identify phishing attacks and how to avoid them.
- The domain community is disorganized, uninformed, and relies on mass alerts by a few reliable sources in order to protect itself.
In the future, such attacks will most likely intensify, targeting premium domain names such as those with the highest liquidity.
With the proliferation of the new gTLDs, the expanded Internet namespace makes it easier for cybercriminals to deliver such attacks.
It has resumed again today; they are up to the letter “f”.