Page 149 - Cyber Defense eMagazine September 2023
P. 149
Some examples of TLDs with common terms include:
• .info
• .click
• .app
• .shop
• .vip
• .work
• .online
TLDs .app and .shop specifically have shown significant increases in volume in Q2, with .app moving
from the 19th most abused spot to the sixth. TLD .shop was the tenth most abused, previously occupying
the #36 spot.
Additionally, gTLD .online has been heavily abused so far in 2023, representing the #13 most abused
TLD in Q1 and #15 in Q2.
The increased use of these TLDs may indicate a shift in cybercriminal behavior to incorporate more
common terms into lookalike domain attacks beyond the root domain.
It is important that security teams are familiar with terms and variations associated with their brands and
consistently monitor for activity that may target their organization. PhishLabs will continue to provide
updates on TLD threats as they evolve.
About the Author
Eric George is the Director of Solutions Engineering at Fortra. Eric began his
career at Fortra's PhishLabs as an analyst in its Security Operations Center.
He then advanced to multiple lead roles and built considerable security
knowledge while specializing in the detection, analysis, and mitigation of
account takeover attacks for enterprises from multiple industries.
Eric then transitioned to Solutions Engineer, supporting sales and business
development efforts before taking on his current role where he leads Solution
Engineering, Targeted Intel, and Technical Client Support efforts. PhishLabs
was acquired by Fortra in October 2021.
In addition to his work at PhishLabs, Eric has held over 10 industry certifications including CISSP and
serves as a Technical Malware Co-Chair for the Messaging, Malware and Mobile Anti-Abuse Working
Group (M3AAWG).
Eric can be reached on LinkedIn, Twitter, and our company website https://www.fortra.com.
Cyber Defense eMagazine – September 2023 Edition 149
Copyright © 2023, Cyber Defense Magazine. All rights reserved worldwide.