A U.S. Tax Scammer's Web Infrastructure through the DNS Lens
WhoisXML API found several artifacts that could be connected to an ongoing U.S. tax scam. Download the threat research materials now.
Continue reading Download reportProvide current and historical ownership information on domains / IPs. Identify all connections between domains, registrants, registrars, and DNS servers.
Look into all current and historical DNS / IP connections between domains and A, MX, NS, and other records. Monitor suspicious changes to DNS records.
Get detailed context on an IP address, including its user’s geolocation, time zone, connected domains, connection type, IP range, ASN, and other network ownership details.
Access our web-based solution to dig into and monitor all domain events of interest.
Get access to a web-based enterprise-grade solution to search and monitor domain registrations and ownership details for branded terms, fuzzy matches, registrants of interest, and more.
Our complete set of domain, IP, and DNS intelligence available via API calls as an annual subscription with predictable pricing.
Offers complete access to WHOIS, IP, DNS, and subdomain data for product enrichment, threat hunting and more.
Enjoy priority data access with our premium API services topped with extra perks including dedicated team support, enterprise-grade infrastructure, and SLAs for full scalability and high performance.
Phishing-as-a-service (PaaS) solutions like the recently discovered Frappo,1 make brand impersonation campaigns easy to instigate and automate. Among those targeted by the new toolkit were large companies in the financial, e-commerce, and entertainment sectors, namely, Amazon, ATB Financial, Bank of Montreal (BMO), Bank of America (BOA), Chase, CIBC, Citibank, Citizens Bank, Costco, Desjardins, M&T Bank, Netflix, Royal Bank of Canada (RBC), Rogers, Scotia Bank, Tangerine Bank, TD Canada Trust, Uber, and Wells Fargo.
To see how impersonation campaigns related to the target brands are affecting the Domain Name System (DNS), we looked at recent domain registration activities. Below are some of our findings.
Download a sample of the threat research materials now or contact us for access to the complete research materials.
---
WhoisXML API found several artifacts that could be connected to an ongoing U.S. tax scam. Download the threat research materials now.
Continue reading Download reportWhoisXML API found thousands of artifacts potentially connected to the newly detected TimbreStealer malware. Download the threat research materials now.
Continue reading Download reportWhoisXML API found 1,100+ artifacts potentially connected to financially motivated abuse of App Installer. Download the threat research materials now.
Continue reading Download reportWe are here to listen. For a quick response, please select your request type. By submitting a request, you agree to our Terms of Service and Privacy Policy.
WhoisXML API uses cookies to provide you with the best user experience on our website. They also help us understand how our site is being used. Find out more here. By continuing to use our site you consent to the use of cookies.