Are Campaigns Targeting Airlines Taking Off? | WhoisXML API

Threat Reports

Are Cybersquatting Campaigns Targeting Airlines Taking Off?

Any company that serves thousands if not millions of users is considered ripe for threat actor picking. Threats and attacks often start with the simple act of typosquatting. Such was the case for an ongoing cybersquatting campaign targeting Turkish Airlines.1

IBM X-Force Exchange revealed 13 malicious domains related to the threat, which we then used as a jump-off point to determine if other airlines are at risk and build a detailed spreadsheet that shows that:

  • Hundreds of NRDs potentially mimicking those that belong to various airlines were registered in a month’s time.
  • More than 1,000 domains possibly spoofing airlines that were due to expire within the same period.

Download the threat report now to access the complete list of identified artifacts.


  • [1]
Try our WhoisXML API for free
Get started