Cybercrime

Sponsored
by

Noteworthy

Reverse WHOIS: A Powerful Process in Cybersecurity

Domain Research and Monitoring: Keeping an Eye on the Web for You

WHOIS History API: Powering Domain Investigations

Cybercrime / Featured Blogs

Encryption, Our Last Line of Defense

Encryption is fundamental to our daily life. Practically everything we do online makes use of encryption is some form. Access to our financial transactions, health records, government services, and exchanged private messages are all protected by strong encryption. Encryption is the process of changing the information in such a way as to make it unreadable by anyone except for those possessing special knowledge (usually referred to as a "key"), which allows them to change the information back to its original, readable form. more

IGF2019 Observation: Compare Chancellor Merkel's Digital Sovereignty with Chinese and U.S. Version

The 2019 UN IGF is right now being held in Berlin and entering the last day. There has been a wide range of exciting discussions. It is a huge step forward that this year's IGF has been able to bring a plethora of topics together under a framework of thinking after the efforts done by the UN Secretary-General António Guterres' High-Level Panel on Digital Cooperation (The Age of Digital Interdependence) and by German scholars' engagement with all the stakeholders... more

Crypto Back Doors Are Still a Bad Idea

In the always interesting Lawfare blog, former FBI counsel Jim Baker in a piece called Rethinking Encryption reiterates his take on the encryption debates. There's a certain amount that makes me want to bang my head against the wall... But it's worth reading to remind us of what the other side is thinking, even with a lot of motivated reasoning that makes him conclude that Congress can pass some laws and the going dark problem will be solved. more

Cybercriminals Benefitting from Stalled Privacy/Proxy Policy

We've seen alarmingly BIG increases in multiple abusive behaviors – like phishing, hacking and malware – that often leverage the domain name system (DNS) and privacy/proxy services. Cybercriminals capitalize on gaps in DNS security measures, and ICANN is holding the door open for them by failing to implement their privacy/proxy policy. If you are ever targeted, you are not alone. more

Cybercriminals Weaponize Bulk-Registered Domain Names

Domain names that can be rapidly acquired, used in an attack, and abandoned before they can be traced are a critical resource for cybercriminals. Some attacks, including spam and ransomware campaigns and criminal infrastructure operation (e.g., "botnets"), benefit particularly from the ability to rapidly and cheaply acquire very large numbers of domain names – a tactic known as bulk registration. more

Encryption and Child Sexual Abuse Prevention

Just over one week ago, the New York Times published a major investigation into the intractable problem of illegal sexual images of minors being exchanged online. Despite flaws in the story and its companion pieces, the main take-away that Internet companies have failed to adequately address the problem has resonated widely. Prostasia Foundation too has been critical of some of the Internet platforms called out in the article. But at the same time, we need to be realistic about how much responsibility we can (or should) place on tech firms to solve this problem. more

IGF Best Practice Forums, an Opportunity to Bring Your Experience to the Policy Debate

In the run-up to the 14th Internet Governance Forum in Berlin, Germany, 25 to 29 November, different groups are discussing best practices pertaining to specific internet governance policy questions. These groups are open and thrive on your input and experiences. Their findings will be presented at the IGF and published shortly after. The IGF Best Practice Forums intend to inform internet governance policy debates by drawing on the immense and diverse range of experience and expertise... more

How Domain Data Helps Thwart BEC Fraud

It's true, domain data has many practical uses that individuals and organizations may or may not know about. But most would likely be interested in how it can help combat cyber threats, which have been identified as the greatest risks businesses will face this year. Dubbed as the greatest bane of most organizations today, cybersecurity can actually be enhanced with the help of domain data. How? more

Business Email Compromised (BEC) Scams Explode Under the GDPR Implementation

Business email compromised (BEC) attacks targeting American companies are exploding, with an increase of over 476% in incidents between Q4 2017 and Q4 2018. Up as well is email fraud with companies experiencing an increase of over 226%. These highly targeted attacks use social engineering to identify specific company employees, usually in the finance department and then convince these employees to wire large sums of money to third-party banking accounts owned by the attackers. more

Proactive Cybersecurity: What Small Businesses Can Actually Do

In the business world, there are two main paths a company can take with cybersecurity -- the reactive and the proactive approach. The problem with a purely reactive attitude is that it can easily put companies in constant firefighting mode. And for small companies with limited resources, this can turn out to be an increasingly uncomfortable place to be in.
With that in mind, experts today suggest proactive cybersecurity by monitoring suspicious activity and identifying risks before they turn into full-blown attacks. more

Industry Updates

Using WHOIS Domain Lookup Tools to Identify Malicious Domains and Prove Misuse

Fight Against Phishing: Email Address Verification as a Cybersecurity Process

The Perils of Typosquatting: The Likely Targets and the Price They Pay

Post-GDPR WHOIS Domain Search: Are Cybercrime Investigations More Difficult to Do?

How Domain Reputation API Can Help Detect HTTPS-Protected Phishing Sites

How to Avoid Fake Product Support Pages with WHOIS API's Help

Reverse Domain Hijacking and the Use of WHOIS and Domain Brand Monitoring Tools

Addressing Cybersquatting Dangers Using Brand Alert API and WHOIS Lookup

Fake Airline Ticket Scams: Domain Spoofing and Other Red Flags

Mitigating Phishing Attacks on Cloud/File Storage Services through Domain Reputation API

Reverse Domain Name Hijacking: What It Is and How to Avoid It through a Domain Availability Check

The Need for Email Address Verification in Light of Subpoena-Themed Phishing Attacks

Mobile Apps Take the Lead, Scammers Follow

The High Cost Of Privacy In A Post-GDPR World

How Threat Intelligence Software Can Help Prevent Breaches Caused by Server Misconfigurations