Are Campaigns Targeting Airlines Taking Off? | WhoisXML API

Threat Reports

Are Cybersquatting Campaigns Targeting Airlines Taking Off?

Any company that serves thousands if not millions of users is considered ripe for threat actor picking. Threats and attacks often start with the simple act of typosquatting. Such was the case for an ongoing cybersquatting campaign targeting Turkish Airlines.1

IBM X-Force Exchange revealed 13 malicious domains related to the threat, which we then used as a jump-off point to determine if other airlines are at risk and build a detailed spreadsheet that shows that:

  • Hundreds of NRDs potentially mimicking those that belong to various airlines were registered in a month’s time.
  • More than 1,000 domains possibly spoofing airlines that were due to expire within the same period.

Download the threat report now to access the complete list of identified artifacts.

---

  • [1] https://exchange.xforce.ibmcloud.com/collection/TurkishAirlines-Squatting-Campaign-1276d6d434cff7cb3c8b84bb9c85cd4b
Try our WhoisXML API for free
Get started