Phishing assaults have surged almost 40% within the yr ending August 2024, with a good portion of this enhance linked to new generic top-level domains (gTLDs) like .store, .high, and .xyz.
These domains, identified for his or her minimal registration necessities and low prices, have turn into enticing to cybercriminals, in response to new analysis by Interisle Consulting.
This pattern raises considerations because the Web Company for Assigned Names and Numbers (ICANN) continues to push ahead with introducing much more gTLDs.
New gTLDs and Cybercrime
Interisle’s examine highlights that whereas new gTLDs characterize solely 11% of the marketplace for new domains, they accounted for 37% of reported cybercrime domains between September 2023 and August 2024.
Leveraging 2024 MITRE ATT&CK Outcomes for SME & MSP Cybersecurity Leaders – Attend Free Webinar
The information, sourced from numerous anti-spam organizations such because the Anti-Phishing Working Group (APWG), means that these newer domains are more and more favored by scammers.
The attract of recent gTLDs for criminals lies of their affordability and lack of stringent registration standards.
Many of those domains can be found for lower than $2, contrasting sharply with the most affordable .com domains priced at $5.91.
This low price of entry, mixed with minimal oversight, permits phishers to buy domains in bulk with out important funding.
John Levine, president of the Coalition Towards Unsolicited Industrial Electronic mail (CAUCE), criticized ICANN’s method, suggesting that the group is performing extra like a website speculator commerce affiliation than a regulatory physique.
He argues that with out stricter registration insurance policies, the introduction of recent gTLDs will solely additional gas cybercriminal actions.
Interisle’s report additionally famous a shift in phishing targets. Historically, giant tech firms like Apple, Fb, and Google have been regularly impersonated.
Nevertheless, the U.S. Postal Service emerged because the most-phished entity previously yr, pushed partially by a cybercriminal generally known as Chenlun, who has developed phishing kits concentrating on postal companies globally.
In accordance with the Krebs On Safety report, past gTLDs, phishers are more and more utilizing subdomain suppliers, equivalent to blogspot.com and weebly.com, to host their assaults.
The report discovered over 1.18 million cases of phishing utilizing subdomains—a rise of 114%. These platforms current distinctive challenges for mitigation, as blocking malicious actions on the root stage might disrupt official customers.
The report concludes with suggestions for subdomain suppliers to restrict mass account creation and improve monitoring.
As ICANN continues with its plans to introduce new gTLDs, cybersecurity specialists urge the implementation of stricter insurance policies to forestall the misuse of those domains by cyber criminals.
Analyse Superior Malware & Phishing Evaluation With ANY.RUN Black Friday Offers : Stand up to three Free Licenses.