A U.S. Tax Scammer's Web Infrastructure through the DNS Lens
WhoisXML API found several artifacts that could be connected to an ongoing U.S. tax scam. Download the threat research materials now.
Continue reading Download reportInvestment-Related Cybersquatting: Another Way to Lose Money?
With a 98% chance of a global economic recession,1 financial markets are giving off warning signs—one of which is increasing volatility.
Since media and public attention turned toward the world’s financial status, WhoisXML API researchers decided to see how this affected the DNS. Indeed, we detected signs of threat actors’ activity that could be related to the current stock market turmoil. Our study revealed the following:
- 9,000+ forex- and Nasdaq-related web properties added between 1 August and 31 October 2022
- Most of the properties were geolocated and registered in the U.S.
- About one-third of the resolving properties could be traced back to Hetzner Online GmbH as their Internet service provider (ISP), while most domains were managed by Namecheap, GoDaddy, and GMO
- Several domains flagged as malicious continued to host content also seen among other unreported properties
Get access to our findings and uncover more on your own. Download the report now.
—
- [1] https://edition.cnn.com/2022/09/28/economy/recession-global-economy
- [2] https://guardiosecurity.medium.com/dormant-colors-live-campaign-with-over-1m-data-stealing-extensions-installed-9a9a459b5849