Proofpoint sues Facebook over dummy sites used for anti-phishing training

Proofpoint has filed a lawsuit against Facebook arguing that it should be allowed to use domains that imitate the Facebook and Instagram brands to test customers’ ability to avoid online scams. Cybercriminals often imitate popular brands’ sites, including Facebook and Instagram, to dupe unsuspecting users, then pilfer their credentials or distribute malware. Proofpoint is one of several security companies that provide customers with phishing training that includes look-alike domains of popular brands in order to test clients’ wits on avoiding common cons. By sending messages that appear to be from “Instagrarn” rather than “Instagram,” for instance, Proofpoint and other email security firms test clients’ ability to detect attacks. Social media sites, particularly Facebook and Instagram, are typically among the most imitated in criminals’ so-called typo-squatting schemes, according to Palo Alto Networks research published in September. The suit, filed Tuesday in an Arizona district court, is a countersuit to Facebook’s […]

The post Proofpoint sues Facebook over dummy sites used for anti-phishing training appeared first on CyberScoop.


US officials shut down scam websites impersonating Moderna, Regeneron

U.S. Justice Department officials on Friday said they had seized two internet domains purporting to belong to biotechnology firms developing treatments for the coronavirus, but which really were used to collect visitors’ personal data as part of a scam. The scammers appeared to impersonate pharmaceutical giants Moderna and Regeneron, and collected information that could be used for fraud, or to steal users’ credentials and deploy malicious software, the U.S. Attorney for the District of Maryland said. It wasn’t immediately clear how much personal data was stolen, or how it was used, if at all. But the domain seizures are a reminder of the staggering amount of coronavirus-related fraud that has occurred this year, as crooks all over the world have exploited the pandemic to sell counterfeit pills and conduct ransomware attacks. Americans have reported more than $211 million in losses from COVID-19-related fraud, according to the Federal Trade Commission. In […]

The post US officials shut down scam websites impersonating Moderna, Regeneron appeared first on CyberScoop.


FireEye, Microsoft find ‘killswitch’ to hamper SolarWinds-related malware

As the U.S. government works to contain a sprawling hacking campaign that relies on software in technology from SolarWinds, a federal contractor, technology firms are disabling some of the hackers’ key infrastructure. Cybersecurity giant FireEye on Wednesday said that it had worked with Microsoft and the domain registrar GoDaddy to take over one of the domains that attackers had used to send malicious code to victim machines. The move is no panacea for stopping the suspected state-sponsored hacking campaign, though it could help stem the tide of victims, which reportedly includes the departments of Treasury and Homeland Security. The seized domain, known as a “killswitch,” will “affect new and previous” infections of the malicious code coming from that particular domain, FireEye said in a statement that was first reported by independent journalist Brian Krebs. “Depending on the IP address returned when the malware resolves avsvmcloud[.]com, under certain conditions, the malware […]

The post FireEye, Microsoft find ‘killswitch’ to hamper SolarWinds-related malware appeared first on CyberScoop.


APWG Q3 Report: Four Out of Five Criminals Prefer HTTPS

The Anti-Phishing Working Group (APWG), known for its collaborative analysis of phishing attacks and identity theft techniques, has released its Phishing Activity Trends Report for Q3 of 2020. Highlights from the report include more than two h…

Easy to Deceive, Difficult to Detect, Impersonation Dominates Attacks

Impersonation enables threat actors to manipulate victims into disclosing sensitive information as well as enhance their ability to commit fraud. An organization’s name, logo, or messaging can be incorporated into almost any threat type, makin…

Takedown of 92 Iran-owned domains includes 4 used for disinformation in US, feds say

The U.S. government says it seized 92 internet domains used “to spread pro-Iranian disinformation around the globe,” including four that directly targeted U.S. audiences. Iran’s Islamic Revolutionary Guard Corps operated the domains in violation of U.S. sanctions, according to a Justice Department announcement Wednesday. The department said the operation was based on intelligence provided by Google, and was a collaborative effort between the FBI and Google, Facebook and Twitter. The other 88 domains “targeted audiences in Western Europe, the Middle East, and South East Asia and masqueraded as genuine news outlets,” the department said. The feds claimed jurisdiction over all 92 domains because the government of Iran and the IRGC ran them through “website and domain services in the United States without a license from OFAC,” the Treasury’s Office of Foreign Assets Control. The announcement is the latest in a steady stream of news about attempts by U.S. agencies or Silicon Valley giants to monitor […]

The post Takedown of 92 Iran-owned domains includes 4 used for disinformation in US, feds say appeared first on CyberScoop.


APWG: SSL Certificates No Longer Indication of Safe Browsing

The Anti-Phishing Working Group (APWG) has released its Phishing Activity Trends Report analyzing phishing attacks and identifying theft techniques reported by its members for Q2 of 2020. Key highlights of the report include a significant incr…

CISA orders agencies to quickly patch critical Netlogon bug

For several days, security experts have urged organizations to fix a critical vulnerability in a Microsoft protocol that hackers could use to steal sensitive data. Now, U.S. government agencies don’t have a choice but to act. The Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency on late Friday evening ordered federal civilian agencies to apply a patch for the vulnerability by the end of the day Monday. The “emergency directive” — only the fourth ever issued by the agency — reflects the “unacceptable risk” the vulnerability poses to federal agencies because the affected software is used throughout the government, officials said. The bug is the latest in a bevy of critical flaws to emerge in popular software this year. In response, CISA has increasingly used its emergency-directive authority to try to keep foreign spies or criminals from burrowing into federal networks. In July, CISA gave agencies 24 hours to address another […]

The post CISA orders agencies to quickly patch critical Netlogon bug appeared first on CyberScoop.
