CSC’s Research Uncovers Suspicious Domain Registration Surge Amid Baby Formula Supply Chain Crisis
Third parties registering domains are attempting to mask their ownership and identity, suggesting they may have nefarious intentions
CSC’s research team found disturbing trends when they assessed the security of branded web domains and key search terms associated with the baby formula and semiconductor industries. Between January 2021 and May 2022, CSC found that within third-party registered domains, 93% of baby-formula-related and 79% of semiconductor-related domains include privacy services, or have WHOIS details redacted. These are steps taken with the intent to conceal true identities and reveal potential fake domain registrations and fraudulent activity. In addition, 26% of baby formula-related and 44% of semiconductor-related domains are configured with MX email records—a key mechanism used to disseminate phishing emails.
“Companies need to understand how their choice of domain registrar impacts their organization’s overall security posture and the probability of their employees and customers falling victim to fraud. Consumer-grade registrars have repeatedly been attacked over the last few years, and do not provide the security controls needed to protect clients’ vital domain names from domain and DNS threats. Moreover, many consumer-grade registrars offer services like name spinning and domain auctioning that promote the registration of confusingly similar names that not only infringe on established brands but are often used for phishing and other fraud-based attacks,” says Mark Calandra, president of CSC Digital Brand Services. “As a result, these registrars monetize the goodwill brand owners have worked hard for, creating a revenue stream for themselves rather than serving the interests of enterprise clients who use their platforms. We believe the industry should follow best practice standards to prevent growing brand abuse and consumer safety concerns to ensure a more secure digital economy.”
Domain security hygiene remains an overlooked risk management component of an organization’s business operation and overall security posture. CSC conducts an annual assessment of the domain security practices among the Global Forbes 2000. Through a cross assessment of the most recent report and CISA’s 16 critical infrastructure industries categories, food and agriculture and critical manufacturing are two industries with the weakest domain security hygiene and minimal year-over-year improvements.
Access the Supply Chain report, the Domain Security report, or visit our website at cscdbs.com.
CSC is the trusted provider of choice for the Forbes Global 2000 and the 100 Best Global Brands® in enterprise domain names, domain name system (DNS), digital certificate management, as well as digital brand and fraud protection. As global companies make significant investments in their security posture, CSC can help them understand known cybersecurity oversights that exist, and help them secure their online digital assets and brands. By leveraging CSC’s proprietary technology, companies can solidify their security posture to protect against cyber threat vectors targeting their online assets and brand reputation, helping them avoid devastating revenue loss, and significant financial penalties because of policies like the General Data Protection Regulation (GDPR). CSC also provides online brand protection—the combination of online brand monitoring and enforcement activities—taking a holistic approach to digital asset protection, along with fraud protection services to combat phishing. Headquartered in Wilmington, Delaware, USA, since 1899, CSC has offices throughout the United States, Canada, Europe, and the Asia-Pacific region. CSC is a global company capable of doing business wherever our clients are—and we accomplish that by employing experts in every business we serve. Visit cscdbs.com.
View source version on businesswire.com: https://www.businesswire.com/news/home/20220713005060/en/
CSC News Room
This news is a press release announced by the provider. The media can use this material for reporting. Korea Newswire is committed to verifying the reliability and transparency of providers and eliminating content errors in accordance with editorial guidelines. If you have any issues with the press release, please let us know.
News provided byCSC