Phishers have long embedded exact matches of brands in domain names that they register for phishing. Company, service, or product names in domains continue to deceive less technically savvy members of society. Phishers are increasingly using exact match strings to compose hostnames at free web sites for phishing.
My Interisle colleagues and I looked at the web site domains and subdomains used in phishing attacks from November 2023 through January 2024. During that period, impersonation attacks against two brands stood out: United States Postal Service (USPS) and Facebook. Looking closely at these two brands, we are able to illustrate how phishers employ two different naming methods.
https://www.cybercrimeinfocenter.org/phishing-trends-november-january-2024
Post a comment
Comments are moderated, and will not appear until the author has approved them.
Your Information
(Name is required. Email address will not be displayed with the comment.)
Comments
You can follow this conversation by subscribing to the comment feed for this post.