Concerns Small Number Of New gTLDs Hit By Phishers

There are reports that new gTLDs are already a boon for phishers with a report in Infosecurity Magazine saying “it’s s a worrying trend that shows fresh addressing to be a boon for phishers and spammers — at least at first.”The report claims “there appears to be a hierarchy establishing itself in terms of who uses which and for what purposes — and some TLDs are more likely than others to be exploited by the bad guys.””Out of curiosity, we checked our honeypot logs for the past 60 days to see if any malicious activity came from these new TLDs,” explained Jerome Segura, a researcher at Malwarebytes, in a blog, adding that many of them have already been compromised.”It is important to note that the majority of the domains involved were not registered by the bad guys themselves,” he said. “Instead, what we observed are websites that have been hacked and used for nefarious purposes.””However, this doesn’t mean that cyber crooks won’t jump on the occasion to leverage these new top-level domains. In fact, just a few days ago the Internet Storm Center reported that phishing scams were already using the ‘.support’ TLD.”Some TLDs are more likely to be exploited by the bad guys. For example ‘.pharmacy’ would be a good candidate for spammers pushing various drugs even though there are some restrictions as to who is allowed to register their site.”While the numbers and risk is very small, it is the case when accessing any website that there is always a small chance it could be hacked and used for nefarious purposes.