Common Domain Name Security Risks
14 December 2022
Domain name security is an essential part of protecting your brand and reputation, and ensuring the long-term success and profitability of your business. By implementing strong security measures and regularly monitoring and managing your domain portfolio, you...
Proposed Whois Disclosure System
15 October 2022
Whois was once a powerful brand protection tool
Whois used to be a tool that disclosed ownership of a domain name. Brand Protection agencies like brandsec would use it as the first port of call to discover data points on domain name abusers. Information from...
How safe really is MFA?
25 September 2022
TL/DR
Use an authenticator app like Google or Microsoft Authenticator.
SMS and Email authentication are better than nothing but can be compromised.
Turn off your bank app notifications.
Never approve an authorization request that you have not initiated....
Another typosquatting domain used in scam
24 August 2022
India: Scammers registered a confusingly similar domain name of a Hyperbad Aerospace company and managed to scam their partners.
TFC Manufacturing run of the domain name tfcmfg.com. The scammers registered the domain name “tfcmfq.com”. The...
Phishing, Malware, Spam – The worst domain name spaces
Friday 15 July 2022
This blog looks at the dubious awards for worst domain spaces across Malware, Phishing Attacks and Spam. Not all domain spaces are designed to be good.
Domain Tools recently released its spring report, Internet Scale Patterns in Malicious Infrastructure...
Domain Abuse: Typo Domains used in elaborate scam
Domain Name abuse is a key tool used by bad actors to scam brands, their staff, prospective employees, suppliers, customers etc… A complaint was recently filed through the Arizona District Court that provides insight into the elaborate nature of domain abuse and is a...
Domain name transfer scams
1 November 2021
Domain transfer scam attempts seem to be on the rise. This week several major Australian brands received .au domain password recovery emails from auDA, the administrator of Australia’s .au top-level domain.
Domain name passwords allow domain names to be...
Purchase order scams on the rise in October
Last month brandsec was engaged to assist several brands in enforcing against lookalike domain names that were used to impersonate them and their employees. The false domain names in question appeared legitimate, and the website was simply copied for authenticity. The common...
Registry Lock to Prevent Domain Hijacking
What is domain hijacking?
Domain name hijacking is when an unauthorized third party, often a hacker, gains control of a company’s domain name portal and seizes control over their DNS system, enabling them to make unauthorized changes and transfers.
What happens when a...
Report: Domain Security and Enterprise Risk Management
Dave Piscitello, Dr. Colin Strutt, and Lyman Chapin of the Interisle Consulting Group released a report (click here) on 28 June 2021 looking at the adverse and costly consequences of domain abuse for enterprise brands. They explore how domain names can be incorporated into an...
Another scam alert from auDA
auDA the administrator of Australia’s .au top level domain issued a scam alert today. We are seeing emails being sent out by someone posing as an auDA employee and asking for either copies of identification documents or verification of contact information. auDA does not...
A look at how cybercriminals exploit spoofed domains
Originally published by David Goldstein of Brandshelter
With cybercriminals seeking to take advantage any way possible, internet users need to be aware of what they are doing online all the time. One of the myriad ways cybercriminals seek to take advantage of internet users...