Is Your Intranet Vulnerable to Attacks? | WhoisXML API

Threat Reports

Is Your Intranet Vulnerable to Attacks? Investigating Intranet Impersonation in the DNS

A recent Reddit security incident1 highlighted how intranet gateways can widen an organization’s attack surface. In connection with that, WhoisXML API researchers investigated intranet domain impersonation and found:

  • 220+ domains containing the string intranet added from 1 January to 20 March 2023
  • 800+ cybersquatting domains targeting 20 of the most popular intranet software added in the same period
  • 3.4% of the intranet-related domains that were flagged as malicious, some of which still hosted phishing sites 
  • Dozens of intranet domains that hosted publicly accessible login pages

Download a sample of the threat research materials now or contact us to access the complete set of research materials.

Try our WhoisXML API for free
Get started