Cybercrime

Sponsored
by

Noteworthy

Domain Research and Monitoring: Keeping an Eye on the Web for You

WHOIS History API: Powering Domain Investigations

Reverse WHOIS: A Powerful Process in Cybersecurity

Blogs

How Can Greater Security, Safety and Trust in the Internet Be Created?

In the coming days, the Internet Governance Forum Dynamic Coalition on Internet Standards, Security and Safety will be announced on the IGF website. The following is an invitation to participate, share ideas and best practices, the willingness to take on a new approach towards mass deployment of internet standards and ICT best practices. Feel free to reach out to us and start working towards a kick-off meeting at the global, virtual Internet Governance Forum in November. more

Fraudulent Transfer: Recovering Stolen Domain Names

Either because of laxness on the part domain name holders or cunning on the part of thieves, registrars have been duped into transferring domain names to fraudsters' accounts. I discussed the matter last year in Recovering Domain Names Lost to Fraudulent Transfer. These cases are mostly filed in the Eastern District of Virginia, Alexandria Division, for the good reason that the registry for dot com is located in that jurisdiction and they are mostly recovered. more

Received a Questionable Email From NABP? It May Be Illegal Spoofing

Has your organization recently received an email claiming to be from NABP's Internet Drug Outlet Identification Program (IDOI)? If so, it is possible that someone is trying to trick you. The NABP IDOI team's email account has recently been illegally "spoofed" by unaffiliated persons or organizations. Email spoofing involves the forgery of an email header so that the email appears to have originated from someone other than the actual source. more

How Global Trends Arising from COVID-19 May Influence Online Brand Protection Strategies

We're in an interregnum where society has paused, and there's no telling how things may turn. In such times of crisis, we are the explorer; exploring the uncharted waters of change, where dangers and opportunities lie. How the pandemic caused this greater societal change may not be something that an individual can alter, we may, however, take the helm and navigate. more

The State of DNS Abuse: Moving Backward, Not Forward

ICANN's founding promise and mandate are optimistic -- ensure a stable and secure internet that benefits the internet community as a whole. Recent months, however, have highlighted the uncomfortable truth that ICANN's and the industry's approach to DNS abuse is actually moving backward, ignoring growing problems, abdicating on important policy issues, and making excuses for not acting. Further, the impending failure of ICANN's new WHOIS policy to address cybersecurity concerns will add fuel to the fire, resulting in accelerating DNS abuse that harms internet users across the globe. more

Hot Take on the Twitter Hack

If you read this blog, you've probably heard by now about the massive Twitter hack. Briefly, many high-profile accounts were taken over and used to tweet scam requests to send Bitcoins to a particular wallet, with the promise of double your money back. Because some of the parties hit are sophisticated and security-aware, it seems unlikely that the attack was a straightforward one directly on these accounts. more

Beware of Abandoned Domain Names in this Turbulent Time and as the Global Economy Changes

The outbreak of COVID-19 has caused worldwide disruption -- for whole nations and their economies. Unfortunately, there will be some side effects for businesses. A number of brands will disappear from the streets and shelves, as businesses that fail to weather the storm will have to fold. Companies that do survive will likely focus more on their core markets, pulling brands out of higher risk, less profitable markets... more

Freedom of Expression Part 3: Child Pornography, Manga, Anime, Obscene Publication

At the 44th Session of the Human Rights Council, we heard how 1 billion children in 2019 who were subjected to various forms of violence and the need for more action to protect children according to the Special Rapporteur. The United Nations Committee on the Rights of the Child released Guidelines on the implementation of the international treaty that bans child pornography, proposing to expand its interpretation to include bans on drawings and stories that sexually depict minors. more

Freedom of Expression Part 2: Blocking, Filtering and Removing Online Content

The Internet is a catalyst for what has revolutionised and transformed human societies in giving extraordinary access to information that has catapulted development and economic growth. It also comes with threats of exploitation by those who wish to do harm. In Part 1 of these series, we looked at how Twitter banned Graham Linehan for his tweet where we saw that to an extent, it was justifiable under Californian law but that a Judge in the Fiji courts would disagree with. more

Hundreds of "George Floyd" and "Black Lives Matter" Domain Names Appear in the DNS

Trending news and global events impact domain registration behaviors. We observed a slew of coronavirus-themed domain name registrations, for example, as early as January. George Floyd's death, which sparked several Black Lives Matter movements, is no different. Three days after George Floyd died, our data feed started detecting George Floyd-themed domain names... We retrieved all domain names that contain the strings "eorge," and "lackliv" from 28 May to 7 June and found 402. more

Surveillance Capitalist in Chief

Surveillance capitalism monetizes private data that it collects without consent of the individuals concerned, data to analyze and sell to advertisers and opinion-makers. There was always an intricate relationship between governments and surveillance capitalists. Governments have the duty to protect their citizens from the excesses of surveillance capitalism. On the other hand, governments use that data, and surveillance capitalism's services and techniques. more

Measuring Abuse: How Much COVID-Related Abuse Is There, Really?

Like measuring COVID's impact, so too measuring the impact of COVID-related abuse on the Internet is difficult, there are those that would foolishly dismiss the danger entirely, others over-state the problem, perhaps to prompt sales of tools and services. The amount and type of abuse varies from network to network, and to declare everything is fine based on one world-view you believe to be ubiquitous, or that the sky is falling based upon another, extrapolated to 'everybody else' is simply poor analysis. more

3 Reasons It's Crucial to Review Your Domain Lock Portfolio Now

Just as we started the new year, the U.S. Department of Homeland Security's Cybersecurity and Infrastructure Security Agency's (CISA) issued an alert. On January 6, 2020 , they warned of domain name system (DNS) hijacking and other cyber threats that may be used by nation-state threat actors to disrupt business activity and take control of vital internet assets. A familiar refrain heard in 2019 now repeating in 2020. more

Coronavirus Online Threats Going Viral, Part 5: Social Media

For our final blog in this series, looking at the online risks associated with COVID-19, we focus on social media. The popularity of social media channels means that they are extremely susceptible to exploitation by cybercriminals and other infringers, particularly during the coronavirus crisis. In an earlier post in this series, we discussed the use of social media for the distribution of phishing-related content, but CSC has also noted marked activity relating to the creation of fake accounts. more

Coronavirus Online Threats Going Viral, Part 4: Phishing

In part four of this series of posts looking at emerging internet content relating to coronavirus, we explore phishing. In times of crisis, cyber criminals invariably take advantage of the growing concerns of the public. In the case of the coronavirus, they have done so by sending phishing emails that play on the fears surrounding the spread of the illness. A number of reports have emerged of emails purporting to provide advice or assistance relating to COVID-19... more

News Briefs

Trump Admin Ramping Up Attacks on GDPR – Says It Helps Cybercrime, Threatens Public Health

Trust Has Eroded Within the Cybercriminal Underground Causing a Switch to Ecommerce Platforms

Google Reports 18 Million Daily COVID-19 Related Malware, Phishing Emails Per Day

Over 360 Security Experts Around the World From Group to Combat COVID-19 Hackers, Protect Hospitals

Microsoft Takes Legal Action Against North Korean Cybercrime Group, Takes Down 50 Domains

U.N. Approves Resolution to Combat Cybercrime Despite Opposition From E.U., the U.S. and Others

Leading Domain Registries and Registrars Release Joint Document on Addressing 'DNS Abuse'

More Than 500 Schools in the U.S. Hit by Ransomware in 2019, Says Report

Cyber Risk Now on Top of Corporate Risk Agendas, Cyber Insurance Expanding

281 Arrested Worldwide by US Federal Authorities in Connection With Business Email Compromise Scheme

The Insecurity of the IoT is Only Getting More Profound, Says Principal Researcher at F-Secure

Ransomware Causes 15 Schools in Arizona To Stay Closed For a Second Day

Phishing Attacks Targeting Executives Now Top Cybersecurity Insurance Claims, Says AIG

By 2021 Cost of Cybercrime to Top Annual Natural Disasters and Global Drug Trade Costs, Says Report

Close to 200K Phishing Domains Discovered in a 5-Month Span, 66% Targetted Consumers, Akamai Reports

A Seattle Woman Charged With Capital One Data Theft Affecting 106 Million People

A 60% Rise Reported on Malware Designed to Harvest Consumers' Digital Data, aka Password Stealers

Florida Cities Are Paying Hundreds of Thousands of Dollars in Ransom to Get Their Data Back

Baltimore Gets Hacked: Main Computer Systems Crippled, Experts Estimate Months to Recover

Hackers in Possession of Over 312K Files, 516GB Financial Data of Some of World's Largest Companies

Most Viewed

Most Commented

Taking Back the DNS

Domain Tasting Target of US Federal Cybersquatting Lawsuit

Fake Bank Site, Fake Registrar

When Registrars Look the Other Way, Drug-Dealers Get Paid

Who Is Blocking WHOIS? Part 2

Threat Intelligence Platform Updates – Sponsor

How Cyber Threat Intelligence Feeds Can Support MSSPs

Organizations that don't have a dedicated pool of cybersecurity experts often hire managed security service providers (MSSPs) to help them ward off attempts and attacks. Yet in today's ever-dangerous cyber threat landscape, even the best service providers may fall for cybercriminals' traps. more

Threat Intelligence: The First Line of Defense Against Data-Stealing Ransomware

The threat landscape is ever-changing. As time goes by, threat campaigns use new and more sophisticated technologies than seen before. Still, some reuse tried-and-tested methods while adding a few other functionalities, as in the case of FTCODE ransomware operators. more

How Can Domain Intelligence Analysis Help in Vetting Third-Party Providers

For 16 months, PayMyTab, a third-party payment provider, leaked the private data of customers who dined in a U.S. restaurant when it failed to follow a simple yet essential security protocol. more

Using Threat Intelligence Feeds to Prevent Orcus RAT Infections

John Paul Revesz (also known as "Armada"), the Canadian behind the Orcus RAT (a software that been used in various malware attacks), has been charged under Section 342.1 of the Criminal Code on November 8. The specific section is for the unauthorized use of a computer, and at its core, this is what Revesz's Orcus software does. more

The Disney+ Account Hijacking: Preventing Unauthorized Network Access with Threat Intelligence Tools

What was supposed to be an exciting week after the launch of Disney+, a subscription-based video-on-demand (VOD) streaming service of Walt Disney Company, turned into a nightmare for thousands of users. more

Billtrust Breach: Can Threat Intelligence Platforms Help with Ransomware Prevention?

Highly publicized ransomware attacks are never short of golden nuggets of wisdom for the cybersecurity industry. They first teach us that attackers control the rules of the game once infiltration is complete. Second, large enterprises that use cloud-based technologies to store sensitive financial information continue to be at risk. more

Post NordVPN Data Exposure: Using Domain Threat Intelligence to Prevent MitM Attacks

NordVPN admitted last month that its data center located in Finland was hacked on March 5, 2018. While the virtual private network (VPN) service provider claimed it learned of the incident as early as April 13, 2019, it only confirmed the compromise last month after reports that its expired Transport Layer Security (TLS) certificate and its private key were leaked. more

Industry Updates

WHOIS History Footprint Tells Us More about the Man Behind the Biggest BLM Scam

Afilias Joins Global Encryption Coalition to Promote Internet Security

Typosquatting Data Feed Can Enhance Lloyds Bank's Typosquatting Protection

60+ PayPal Potential Typosquatting Domains Detected in the Beginning of June

Typosquatting Domains Every AppleID Owner Should Avoid

Shopping and the Pandemic: Increased Reliance on Mobile Apps 

Typosquatting Protection: A Look into Instagram-Themed Domain Names

Investigating Typo Domains Beyond Credit Suisse's Spying Scandal

IP Geolocation Intelligence: An Aid Against Location-Based Threats?

How to Avoid Phishing Campaigns Targeting CARES Act Recipients

Newly Registered Domains Database Shows Threat Actors Exploit the Need for N95 Masks amid the Pandem

Domain and IP Intelligence Checks Following the Launch of the COVID-19 Solidarity Response Fund

Under the Hood of 3M- and 3M Mask-Themed Recently Registered Domains

Domain Intelligence Shows Cybercriminals May Abuse Video-Conferencing Services' Brand Names

How Cyber Threat Intelligence Feeds Can Support MSSPs

Participants – Random Selection