201904.24

HKIRC launches its registry lock

Hong Kong Internet Registration Corporation Limited (HKIRC) launches a new Registry lock service for the extensions it manages: .hk, .com.hk, .公司.hk, .公司.香港 et .香港. As a reminder, the registry lock allows blocking any transfer, WHOIS contact update or authoritative nameservers modification at a registry level. Actions of locking and unlocking domains obey to a specific…

201903.19

Domain name Hijacking : Are you protected ?

A recent cyber-attack campaign, attributed to Iranian operators and realized at the DNS level, has sharpened attention to the risks associated with cyber-attacks targeting domain names. In a previous article, we talked about “Cache Poisoning” of “DNS Spoofing” attacks, using inherent vulnerabilities of the DNS system. The DNSSEC is one of the measures allowing to…

201903.04

Cyber attacks on the DNS: ICANN urges to deploy the DNSSEC protocol

In recent weeks, several authorities have reported an upsurge of coordinated malicious acts against the Internet Domain Name System (“DNS”) infrastructure, the backbone of the Internet. Ongoing attacks raise concerns about their persistence, magnitude, and the concomitant use of several methods. On January 10, 2019, based on reports issued by companies specializing in cybersecurity, the…

201901.18

Phishing: stay alert!

No, Air France or Futuroscope do not offer free tickets via the WhatsApp phone application. Last weekend, many users of the application have received fraudulent messages appearing to come from these companies. The catch is the same: “Air France offers free tickets to all to celebrate his birthday” or “Futuroscope giving 5 free tickets to 500…

201901.14

Attack on WeTransfer: beware of malwares!

Our Online Brand Protection service reports a new large-scale attack on the electronic documents transfer specialist WeTransfer. We have identified that emails similar to those of WeTransfer are currently being mass-mailed, with a download link very similar to the URLs used by WeTransfer: The attack works in a very simple way: hackers simply registered the…

201812.20

.be adopt a new procedure for domain name deactivation

Since the 1st of December, a new procedure has been implemented in partnership by the Belgian Registry DNS Belgium and the Federal Public Service Economy (FPS Economy). This procedure allows FPS Economy to seek the deactivation of a .be domain name used in relation to fraudulent websites or Phishing activities. According to the procedure set…

201808.10

The GDPR Facilitates Large-Scale Phishing

Phishing is the fraudulent attempt to obtain sensitive information, often for malicious reasons, by disguising as a trustworthy entity in an electronic communication. This practice uses domains identical or very similar to well-known brands: banks, insurance companies or airline companies are very often victims of these attacks. A number of elements help to create large-scale…