We analyzed an ongoing cybersquatting campaign targeting MetLife, Inc., using 12 malicious domains that IBM X-Force Exchange identified.1
We used the IoCs and their IP resolutions to determine what the threat looks like for the insurance sector and if other insurance companies are at risk. We presented our findings in a detailed threat research spreadsheet containing:
- Close to an additional 50 domains registered between 23 September and 18 November 2021 that could be used to further cybersquat or impersonate MetLife
- A sample of 500 domains out of 6,000+ thousands registered between 23 September and 18 November 2021 that may be squatting or impersonating other insurance companies
Download the spreadsheet now to access the complete list of identified artifacts used to conduct additional enrichment and threat analysis.
-  https://exchange.xforce.ibmcloud.com/collection/MetLife-Squatting-Campaign-4f1070d957d47531446c4bfa56a69eb5