Alert Issued to Domain Registrar “.top” for Phishing Activities – Krebs on Security
Info Sec Today – AndyC
The Internet Corporation for Assigned Names and Numbers (ICANN) has issued a warning to the registry operator responsible for managing “.top” domain names, giving them until mid-August 2024 to demonstrate effective systems for handling phishing reports and suspending malicious domains
Failure to comply could result in the revocation of their license to sell domains
This action comes after findings revealed that .top was the second most popular suffix for phishing websites in the past year, behind only “.com” domains
Key points:
1) ICANN’s letter criticized the registry for inadequate responses to reports of phishing incidents involving .top domains.
2) The .top registry is managed by Jiangsu Bangning Science & Technology Co
Ltd., a Chinese entity, which has a history of hosting phishing sites.
3) Phishing websites constituted over 4% of all newly registered .top domains between May 2023 and April 2024.
4) The rise of phishing pages hosted on the InterPlanetary File System (IPFS) saw a 1,300% increase in the last year.
5) Freenom, a domain registrar that provided free domains, was the most prominent in phishing activities last year before shutting down due to a lawsuit filed by Meta.
6) Phishers have transitioned to new low-cost TLDs and services allowing anonymous, cost-free domain registration, especially subdomains.
7) Domain registrars and registries could significantly reduce phishing websites by flagging customers attempting to register large numbers of domains simultaneously.
8) ICANN’s enforcement actions have decreased in recent times, with most warning letters citing unpaid membership dues as the primary reason for the infringement
The article suggests that ICANN’s enforcement actions may be more focused on collecting outstanding payments rather than effectively addressing DNS abuse.
Link: https://www.infosectoday.io/alert-issued-to-domain-registrar-top-for-phishing-activities-krebs-on-security
Alert Issued to Domain Registrar “.top” for Phishing Activities – Krebs on Security
Categories:
Tags: