Hidden in Plain Sight: 5 Ways Phishing Sites Avoid Detection
Phishing websites have become far more sophisticated than the basic spoof pages we saw a few years ago. As security experts improve detection and website monitoring techniques, attackers adapt just as quickly. It’s a constant game of cat and mouse. Increasingly, phishing...
Registrar Hacking and why Registry Lock is so Important
Registrar hacking isn’t theoretical—it happens more often than most people realise. There are 2,800 ICANN Accredited Registrars, and the top ten retail Registrars (that manage over 250M domains) are targeted regularly – in most cases Registrars do a great job defending...
Why Domain Registrars Are Key to Stopping Fast Flux Phishing
A recent Dark Reading article highlighted the continued growth of fast flux phishing, an old tactic that’s been on the radar of enforcement professionals for years. Maybe a forgotten scam for many, those of us working in the phishing takedowns and cyber enforcement space are...
Phishing Site Takedown: What to Do When Registrars Ignore Your Complaint
Few things are more frustrating in cybersecurity than a domain registrar ignoring a clear case of DNS abuse. Whether it’s a phishing site or a malicious domain distributing malware, every day that these threats remain active increases the risk to the public and the targeted...
DNS Abuse vs. Content Abuse: Where Registrars Draw the Line
The rise of fake websites used in phishing attacks has prompted a closer examination of how domain name abuse is handled. One of the biggest challenges in enforcement is distinguishing between DNS abuse—where the domain system itself is weaponized—and content abuse, which...
Cheap Domains, Costly Threats: How Cybercriminals Exploit Bulk Registrations
How Cybercriminals Exploit Cheap Bulk Registrations
The retail domain name industry is fiercely competitive, with registrars vying for customers by offering enticing deals on new domain registrations. To...
Crypto: Protect Yourself From Address Poisoning
The crypto market has surged in 2024, with trading volumes reaching $141.04 trillion. Unfortunately, scams have kept pace, and “address poisoning” has emerged as a highly effective tactic targeting both new and seasoned traders. This blog breaks down what address...
DNS Abuse: Phishing Evidence Submission
The Domain Name System (DNS) is designed to connect to users and services effortlessly. However, this system is exploited by bad actors for malicious purposes, generally known as DNS Abuse. Understanding what constitutes DNS Abuse, specifically phishing, and knowing how to...
Facebook Ad Scams Back on National Radar
Facebook Ad Scams are back in the news... but they have always been here
Facebook Ads are back in the spotlight, with the Government ramping up attention after DeepFakes of the Prime Minister started...
ASD Report: Cyber Threat Landscape 2023–24
ASD's Cyber Threat Landscape 2023–24: Introduction
The Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) is the Australian Government’s technical authority on cyber security....
Website Takedown Guide: Protecting Against Phishing & Fraud
13 MillionMalicious domain names registered every month
1.62M (Up 20%)Phishing web sites (attacks) detected in q1 2023
55% of phishing websites use targeted brand...