Three reasons why CISOs need to understand domain security


Domain name abuse is one of the most dangerous and under-regulated issues in digital business security today. An attack on a web domain can lead to the redirection of a company’s website, domain spoofing, phishing attacks, network breaches, and business email compromise (BEC). By cscdbs.com.

Seemingly every day, we learn about new developments involving supply chain attacks, ransomware, and phishing attacks, along with additional layers of complexity in terms of what coverage they require and how to stop them. The article then discusses:

  • Many of the largest companies in the world still lack basic domain security protocols
  • You’re only as secure as your vendors, and you can choose your domain registrar
  • Not monitoring and taking down fraudulent lookalike domains impersonating your brand will increase your chances of being attacked

The intent of these fake and maliciously registered domains is to leverage the trust placed in the targeted brands to launch phishing attacks, other forms of digital brand abuse, or IP infringement. This often leads to revenue loss, traffic diversion, and a diminished brand reputation. There are endless domain spoofing tactics and permutations that can be used by phishers and malicious third parties. Good read!
