Home / Industry

CSC's Research on Election-Related Domains Aligns with Recent FBI and CISA Warning

Public Service Announcement (Source: FBI & CISA / OCTOBER 2, 2020)

Following a public announcement from the FBI and CISA warning the public to avoid spoofed election-related internet domains, CSC announced research findings that show the overwhelming majority of registered typo domains related to the election are vulnerable. Cybercriminals can use domain spoofing to make a fraudulent domain name (e.g. by using a typo of an original legitimate domain) that mimics the domain of the real website.

As noted in our recent blog post "U.S. Election-Related Web Properties Prone to Fraud and Misinformation Due to Lack of Domain Security," nearly 70% of typo domains linked to third parties are configured to send and receive emails (have MX records configured), were registered in January of 2020 or after and are using privacy protection. As a point of reference, CSC's managed corporations only use privacy or proxy services for about 2% of their domain portfolio. This tells us that the true owners of these misspelled domains may have some nefarious intentions.

CISA has initiated the #PROTECT2020 call to action to secure "to enhance the integrity and resilience of the Nation's election infrastructure, and ensure the confidentiality, truthfulness, and accuracy of the free and fair elections necessary for our American way of life." The FBI and CISA urge citizens to be aware of these crimes, and evaluate the websites they visit, and to seek out reliable and verified websites on election information.

As an organization with the most visibility into the domain landscape, CSC advocates for both presidential candidates and other election-related websites to prioritize domain security to ensure security and build confidence. Organizations such as Spamhaus have been advocating for more security to protect against domain name hijacking, and the security posture of the domain name registrars that manage internet domains.

Furthermore, CSC reported that over 90% of the election domain ecosystem lacks basic domain security protocols such as registry locks, and over 75% of these election-related domains are registered with retail-grade domain registrars (vs enterprise-level registrars) that generally do not provide advanced security protocol or a defense in depth approach. Therefore, these internet domains are vulnerable to domain name and DNS hijacking, phishing, malware payload delivery, typosquatting and many other attacks.

Here are some domain security best practices we recommend:

  • Secure access to domain and DNS management systems, including two-factor authentication, IP validation, and federated ID
  • Gain control of the user's role and permissions within the company's domain and DNS management systems, with insights into elevated access controls and an authorized contact policy
  • Make use of advanced security features, including vital domain identification, DNSSEC, CAA records, registry lock and DMARC
  • Develop end-to-end expertise that can detect, analyze, and mitigate digital brand and fraud threats, including the ability to execute takedowns worldwide
  • Work with an enterprise-class domain name registrar

By CSC, We are the business behind business – We help effectively manage, promote, and secure our clients' valuable brand assets against the threats of the online world. Leading companies around the world choose CSC as their trusted partner to gain control of their digital assets, maximize their online potential, and increase online security against brand risks.  Visit Page

CircleID Newsletter The Weekly Wrap

More and more professionals are choosing to publish critical posts on CircleID from all corners of the Internet industry. If you find it hard to keep up daily, consider subscribing to our weekly digest. We will provide you a convenient summary report once a week sent directly to your inbox. It's a quick and easy read.

I make a point of reading CircleID. There is no getting around the utility of knowing what thoughtful people are thinking and saying about our industry.

VINTON CERF
Co-designer of the TCP/IP Protocols & the Architecture of the Internet

Related

Topics

Cybersecurity

Sponsored byVerisign

Cybercrime

Sponsored byThreat Intelligence Platform

IP Addressing

Sponsored byIPv4.Global

Brand Protection

Sponsored byAppdetex

Domain Names

Sponsored byVerisign

DNS Security

Sponsored byAfilias

Whois

Sponsored byWhoisXML API

New TLDs

Sponsored byAfilias