As phishing remains an imminent attack vector leading to costly and damaging campaigns, WhoisXML API researchers dug up the WHOIS history of 3,800+ domain names and subdomains associated with verified phishing URLs. We present our key findings and analyses in a white paper and associated threat research materials covering:
- A deep dive into the phishing hosts’ historical WHOIS records to see how deep the domains’ history is and spot significant changes in WHOIS records
- An analysis determining the hundreds of phishing domains that are now available again for registration despite their malicious past
- Tracing the breadcrumbs uncovered by WHOIS history, including 1,400+ unique registrant email addresses, which led to almost 5,000 additional connected domains
Download the white paper and research materials containing the data now.