Skip to main content

Almost All Phishing Events Use Free Hosting And Compromised Domains

 

For staging a phishing website, cybercriminals can choose between using legitimate yet compromised domain names, registering their own domains, and misusing free web hosting services. The key to detect and mitigate these cybersecurity threats at the earliest possible time is to understand how prevalent each of these scenarios is.

IT service company PhishLabs analyzed over a hundred thousand phishing websites to determine how many of those utilized compromised domains, domain names registered with malicious intent, or free website hosting solutions. Around 38% of the websites misused free hosting or utilized compromised domains, whereas about one-quarter of them used domain names registered with the intent to cause harm.

It is potentially tricky to determine whether one of these sites utilizes a compromised or malicious domain at a level that is enough to correctly represent the modern phishing landscape. Research regarding phishing has mainly used the following elements.

  • Whether the content in the domain name tries to pretend to be a legitimate website in some way.
  • The amount of time elapsed between domain name registration and its use. The shorter that timeframe was, the chance for the website to get maliciously registered would be more.

An advantage of utilizing the latter element is that cybercriminals can do so retroactively, albeit the phishing website is taken down. It can also be applied efficiently to a big dataset of domains associated with phishing. On the downside, it assumes that the malicious actor would register a website in the event that it was utilized for phishing in a definite period. Conservative pieces of research have used some days as a timeframe, whereas others have utilized many months. That said, the survival period of vulnerable web infrastructure is measured as per minutes instead of days or even months. That method would result in the inaccurate labeling of phishing websites as being maliciously registered sites.

Free Website Hosting Abuse

The best web hosting providers often say that nothing is ever free as a criticism of so-called free versions of these services. That is to say, there are hidden charges associated with the free services. These service providers, developer tools, dynamic DNS solutions, code and file sharing websites, and other solutions enable easy web content hosting without users having to buy domain names. The above-mentioned services tend to be misused to perform phishing attacks.

When it comes to free web hosting misuse, the whole domain name is no malicious product. The malicious product is a part of the domain string apart from the second-level domain and the one that follows the dot symbol.

These websites are based on legitimate domain names, so the requirements regarding threat intelligence and mitigation are different from the requirements where hackers register their domains.

Labels:

Comments

Post a Comment

Popular posts from this blog

A Guide About The Importance Of Website Data Backup

  Website backup is an important aspect of security and at times of emergencies, it can be of great help. Due to this, reliable web hosts like Hostsailor provides different types of data backup options along with their web hosting services. Most often, some sort of basic au tom atic backup is available in most shared web hosting plans. Besides, when looking for a web host for hosting your website, you must enquire about this as it becomes saving grace during situations like unexpected server downtime, etc. In this article, we will look in detail the importance of data backup for your website. What Is Website Backup? A website backup is a copy of all your website data, and the amount of data depends on the policy of your web host or the backup provider. As a rule of thumb, the more data that is backed up, the  bet ter. This is especially true for websites that focus media, where you will require all the content and databases to get it running again. Because of this, the terms o...
Post a Comment
Read more

Reasons To Use An Unmanaged Dedicated Server

Some of the best-dedicated server providers offer unmanaged and managed hosting options. This leaves the question of when to be on an unmanaged dedicated server hosting plan. If you are unaware of what an unmanaged hosting service means, you perhaps should not have it. Here, we will discuss why and when you should be on the best dedicated hosting plan that is unmanaged. What Does Unmanaged Dedicated Server Hosting Mean? It is a dedicated server plan that offers root access, which offers the user control over custom configurations. It requires experience in server administration and expertise in the installed OS. The web host will only set up software on the server after the customer makes their selection on checkout. Otherwise, you and/or your team will be responsible for server upkeep. When to Use An Unmanaged Dedicated Server Plan You should go for an unmanaged dedicated server plan when you require not only the power that comes with this form of a server but also the flexib...
1 comment
Read more

How E-Commerce Startups Can Benefit from VPS Hosting

Virtual Private Server hosting complements the growth of your e-commerce website and is a good option for business owners to consider. Although first marketed as a transitional state between shared hosting and dedicated server hosting, VPS hosting has become the go to choice of most e-commerce businesses, especially startups, and it’s very easy to see why. Here are a few reasons for how your e-commerce store stands to benefit from VPS hosting.   No Limitations: By far the biggest reason why business owners prefer VPS hosting over shared hosting is because it poses no limitations on their growth. As a business matures, it attracts more customers and the company’s clientele increases, therefore your hosting service should expand with your business to accommodate your new clients. Unfortunately, shared hosting is very limited in its expansion. If you run multiple scripts to make things easier for your clients, there’s a high chance that you will exceed the computat...
Post a Comment
Read more