An anonymous reader shared this report by cybersecurity blogger Brian Krebs:
Domain names ending in “.US” — the top-level domain for the United States — are among the most common in phishing scams, new research shows. This is notable because .US is controlled by the US government, which is often the target of phishing domains ending in .US. Also, .US domains are supposed to be available only to US citizens and those who can prove they have a physical presence in the United States… [F]other major countries in the world have almost as many phishing domains as .US each year.
This is according to The Interisle Consulting Group, which collects phishing data from multiple industry sources and publishes an annual report on the latest trends. Interisle’s latest research examines six million phishing reports between May 1, 2022 and April 30, 2023, and 30,000 .US phishing domains found.
.US is controlled by the National Telecommunications and Information Administration (NTIA), an executive agency of the US Department of Commerce. However, NTIA currently contracted out the .US domain management of GoDaddy, the world’s largest domain registrar. Under NTIA regulations, the administrator of the .US registry must take certain steps to verify that their customers actually reside in the United States or own US-based entities. But Interisle found that whatever GoDaddy was doing to manage this verification process wasn’t working.
Comments are closed.