Another day, another hack. This week, it was the Democratic National Committee (DNC), who seem to have been hacked by alleged agents of the Russian government. While malicious software was used to actually steal the files, the delivery mechanism was simple – an email using a mistyped domain name. So, click the wrong attachment, someone [...]
Earlier this month, the BBB issued an alert notifying the public of a reboot of the well known Nigerian Prince email phishing scam. The scam has been around for years but the new version is more sophisticated and is costing victims millions of dollars annually. The scam is relatively simple: target receives a fax, letter, [...]
At DomainSkate we’re constantly talking with business owners who are just learning what we know -- that the Internet as we all knew it has changed significantly. New domains are launching every day offering people more options to grow their brand online. At the same time, these new domains are also raising a lot of [...]
Although the Internet has not gone to hell in a handbasket because of the New gTLD program, as many pundits and politicians predicted, it has tangentially caused a big security problem at ICANN as a result of the news that some ICANN staff members fell victim to a spear-phishing attack that gave security access to the attackers. The statement from ICANN (in part):
The Anti-Phishing Working Group (APWG) recently released a report about the state of the online world and cybercrime. The report noted that “...cybercrime gangs are aggressively pursuing brand diversity in their online fraud schemes, spoofing and otherwise leveraging the identities of some 756 institutions, the highest number the analysts had yet encountered.”
For companies trying to avoid having their customers or employees targeted by spearphishing, a brand protection system is critical.
In a decision issued by the NAF yesterday Microsoft won a UDRP decision for the domain name www.skyped.com (no link provided on purpose). The site was particularly nasty, because it asks the user to download an update for Skype software and then asks for personal information from the users. The decision described the hack in detail:
In Victoria's Secret Stores Brand Management, Inc. v. Fundacion Private Whois / Domain Administrator, the arbitrator Hon. Karl V. Fink found that the respondent ("Fundacion") had registered and utilized the domain www.victorassecret.com in bad faith, and transferred the domain to complainant Victoria's Secret.