At The Identity Organisation, we're here to help!

    Or drop us a mail!

    Your privacy is important to us, and we want to communicate with you in a way which has your consent and which is in line with UK Law on data protection. As a result of a change in UK law on 25th May 2018, by providing us with your personal details you consent to us processing your data in line with current GDPR requirements.

    Here is where you can review our Privacy & GDPR Statement

    To remove consent at any time, please e-mail info@tidorg.com with the word "unsubscribe" as the subject.

    +44 (0) 1628 308038 info@tidorg.com

    79 Million Malicious Domains Flagged in the First Half of 2022

    Security researchers at Akamai identify an average of 13 million newly observed domains (NOD) each month this year, representing about 20% of the NODs resolved in the same timeframe.

    In a recent blog post, researchers at Akamai discuss how they go about identifying malicious domains. Considering that one of the techniques used by cybercriminals to avoid detection is to continually change domains, the watching of NODs makes sense.

    According to Akamai, NODs (both malicious and legitimate) are abundant; approximately 12 million new NODs appear daily, of which, just above 2 million resolve in DNS.

    And we’re not talking about legible domain names; according to Akamai, the domains are more like the following:

    9-15-22 Image

    Domain Name Examples.  Source: Akamai

    In short, cybercriminals are utilizing about 20% of the NODs as part of their phishing and social engineering attacks, utilizing this continually updated set of domain names in an attempt to avoid detection as being malicious.

    While the good guys – like the folks at Akamai – are working to stay vigilant, remember that all the efforts are reactive in nature; that is, the good guys can’t in theory get ahead of the bad guys, as no one knows what the bad guy’s next move is. So, in the world of NODs, the intent is to create heuristics rules (190 of them, according to Akamai) to help identify a NOD that’s malicious.

    But it’s still possible that some NODs will make it through scrutiny and facilitate a phishing attack. This is one of the reasons that even with really strong security technologies in place, it’s necessary to arm your users with Security Awareness Training so they become part of your defense, spotting really ridiculous domain names – like the ones above – and see the emails for what they really are: an attack.

    Can hackers spoof an email address of your own domain?

    Are you aware that one of the first things hackers try is to see if they can spoof the email address of your CEO? If they are able to commit “CEO Fraud”, penetrating your network is like taking candy from a baby.

    Now they can launch a “CEO fraud” spear phishing attack on your organization, and that type of attack is very hard to defend against, unless your users are highly ‘security awareness’ trained.

    Find out now if your domain can be spoofed. The Domain Spoof Test (DST) is a one-time free service. Run this test so you can address any mail server configuration issues that are found.

    Try to Spoof Me!

    PS: Don’t like to click on redirected buttons? Cut & Paste this link in your browser: https://info.knowbe4.com/domain-spoof-test-partner?partnerid=001a000001lWEoJAAW

    Sign Up to the TIO Intel Alerts!

    Back To Top