CSC Research Finds Third Parties Continue to Lay Groundwork for Malicious Activity Among Thousands of COVID-Related Domains
Driven by CSC’s innovative DomainSec platform, new insights provide details on COVID-19 online threats
CSC identified a pattern of peaks and valleys (heuristics) with surges of domain registrations associated each time there was an important COVID-related news event. Most recently, the onset of Omicron saw additional disturbing behavior. While nearly 1,200 domains registered in 2021 included Omicron as a keyword, 832 were registered (70%) in a two-week timeframe between November 26 and December 9, with numerous domains causing traffic misdirection and redirection, soliciting donations, or promoting cryptocurrency investments.
Furthermore, CSC also evaluated domain registration behavior associated with websites using the Pfizer, Moderna, Johnson & Johnson, Centers for Disease Control and Prevention, U.S. Food and Drug Administration, and World Health Organization brand names and their permutations as they appear in the URL. CSC found that 80% of the 350 domains containing these names were registered to third parties. Half of the domains posted no web content and were deemed dormant; cybercriminals are known to use dormant domains as a strategy, turning them on just when they’re ready to launch an attack campaign. Of the dormant domains, most concerning is that nearly 33% are configured to send and receive email with active MX records, which can provide bad actors a launch pad to conduct malicious attacks against brands and consumers through phishing or malware attacks.
“At CSC, we believe domain security intelligence is power. The surge in COVID-related domain registrations in the last two years shows how bad actors are taking advantage of major public events,” says Ihab Shraim, chief technology officer of Digital Brand Services at CSC. “In today’s digital economy, domain name related cybercrime is exponentially rising and impacting organizations, customers, partners, and the connected internet supply chain. Through our cutting-edge DomainSec platform, key decision makers can obtain accurate domain security insights that analyze and mitigate threat vectors targeting their domain name portfolios and associated online brands.”
To access the full report and additional details, visit our website. https://bit.ly/3G0fXhx
CSC is the trusted provider of choice for the Forbes Global 2000 and the 100 Best Global Brands® in enterprise domain names, domain name system (DNS), digital certificate management, as well as digital brand and fraud protection. As global companies make significant investments in their security posture, CSC can help them understand known cybersecurity blind spots that exist, and help them secure their online digital assets and brands. By leveraging CSC’s proprietary technology, companies can solidify their security posture to protect against cyber threat vectors targeting their online assets and brand reputation damage, helping them avoid devastating revenue loss, and significant financial penalties because of policies like the General Data Protection Regulation (GDPR). CSC also provides online brand protection—the combination of online brand monitoring and enforcement activities—taking a holistic approach to digital asset protection, along with fraud protection services toward combatting phishing. Headquartered in Wilmington, Delaware, USA, since 1899, CSC has offices throughout the United States, Canada, Europe, and the Asia-Pacific region. CSC is a global company capable of doing business wherever our clients are—and we accomplish that by employing experts in every business we serve. Visit cscdbs.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20220125005112/en/
This news is a press release from the provider.
Korea Newswire is committed to verifying the transparency of providers and eliminating content errors.
You can receive press releases from this company or in industries of interest via email and RSS for free. Subscribe>
News provided byCSC