Is Your Intranet Vulnerable to Attacks? Investigating Intranet Impersonation in the DNS
A recent Reddit security incident1 highlighted how intranet gateways can widen an organization’s attack surface. In connection with that, WhoisXML API researchers investigated intranet domain impersonation and found:
- 220+ domains containing the string intranet added from 1 January to 20 March 2023
- 800+ cybersquatting domains targeting 20 of the most popular intranet software added in the same period
- 3.4% of the intranet-related domains that were flagged as malicious, some of which still hosted phishing sites
- Dozens of intranet domains that hosted publicly accessible login pages
Download a sample of the threat research materials now or contact us to access the complete set of research materials.