Interisle Study Presented to ICANN Government Advisory Committee

On Wednesday, June 10, 2026, Karen Rose presented Interisle’s recently published study, Malicious Registrations in the Domain Name Market: An Analysis of 2025 gTLD Registrations and Cybercriminal Demand, to the ICANN GAC (Government Advisory Committee) at ICANN86 Seville Policy Forum. The GAC advises ICANN on public policy aspects of specific issues for which ICANN has responsibility, and DNS abuse has long been an issue of particular interest to the GAC.

https://interisle.substack.com/p/interisle-study-presented-to-icann

#dnsabuse #icann #maliciousdomains #cybercrime

Cybercrime Reported in May 2026

Interisle's monthly report on cybercrime activity (phishing, malware, spam) for the month of May 2026 revealed a 27% increase in phishing reported compared to April and a 35% increase in spam. While malware reported in May decreased 17% compared to April, it still represents an 11% increase over the monthly average for the 12 -month period.

https://interisle.substack.com/p/cybercrime-reported-in-may-2026

#phishing #malware #spam #dnsabuse #cybercrime #cybersecurity

We're attending the #ICANN86 Policy Forum in Seville.

Interested in discussing DNS abuse, abuse mitigation, or broader DNS security topics? Come find us. And if you're there and just want to catch up, feel free to reach out.

#ICANN86 #DNSAbuse #AbuseMitigation #Cybersecurity

Malicious Actors Accounted for as much as 20% of New Domain Name Registrations in 2025

A new analysis by Interisle Consulting Group finds that cybercriminals registered a significant share of new domain name registrations in 2025, representing a substantial percentage of the generic Top-Level Domain (gTLD) market.

The study establishes that malicious actors purchased at least 10 percent of all newly registered gTLD domains in 2025, with projections indicating that the actual share may be closer to 20 percent.

#domainname #domainabuse #cybercrime #maliciousdomains #dnsabuse

https://interisle.substack.com/p/malicious-actors-accounted-for-as

Allowlisting: Exception Handling for Blocked TLDs

In this article, we discuss how to deal with blocklisting exception cases by using selective allowlisting to complement generalized blocklisting as part of an incident response.

https://interisle.substack.com/p/allowlisting-exception-handling-for

#dns #dnsabuse #blocklist #allowlist

Cybercrime Reported in April 2026

Interisle publishes quarterly data about cybercrime activity (for phishing, malware, and spam) at the Cybercrime Information Center.

Today, we look at cybercrime activity for the month of April 2026. We point out anything that strikes us as particularly interesting in overall numbers as well as significant changes in ranking for Top Level Domains (TLDs), Registrars, and Hosting Networks.

https://interisle.substack.com/p/cybercrime-reported-in-april-2026

#cybercrime #spam #phishing #malware #dnsabuse

Organizations still treat #DNS abuse as either a legal or a technical problem. That split creates a blind spot, especially around malicious subdomains, where sophisticated #phishing campaigns hide.

@icann shared the recent webinar by Alex Urbelis on #DNSAbuse: https://www.icann.org/en/engagement-calendar/details/icann-technical-webinar-emea-phishing-and-dns-abuse-operational-blindspots-2026-04-29

#DNSmodernization is not only about infrastructure, but also about security operations, abuse response and risk management.

#BrandProtection #ThreatIntelligence #IncidentResponse

WEBINAR 7 MAY 07:00 UTC – APRALO Policy Forum + EURALO – Understanding the Role of Trusted Notifiers in DNS Abuse Mitigation

REGISTER | ADD TO CALENDAR | PERMALINK

On 7 May 2026, at 07:00 UTC, the APRALO Policy Forum and EURALO will host a joint webinar 'Understanding the Role of Trusted Notifiers in DNS Abuse Mitigation'. The selection of this topic was motivated by the recent At-Large Webinar: Overview on DNS A

https://isoc.live/20897/

#post #2026 #APRALO #DnsAbuse #euralo

WEBINAR 29 APR 12:00 UTC – ICANN EMEA: Phishing and DNS Abuse – Operational Blindspots

REGISTER | ADD TO CALENDAR | PERMALINK

On Wednesday 29 April 2026 at 12:00-13:00 UTC the Internet Corporation for Assigned Names and Numbers (ICANN) will host a technical webinar 'EMEA: Phishing and DNS Abuse - Operational Blindspots'.

This presentation examines phishing and DNS abuse through real-world attack cases — traci

https://isoc.live/20848/

#post #DnsAbuse #EMEA #ICANN #phishing

How to Protect Against Phishy Top-level Domains, Part 2

In a previous article, we explained that risk-averse organizations routinely adopt TLD blocking as a defense against cyber-attacks.

We EMPHASIZED why this is a last resort measure and offered examples of TLDs that were persistently associated with major phishing and scam attacks in CY2025. We also describe how to make an informed TLD blocking decision.

In our earlier post, we explained how organizations or individuals could use Cisco’s OpenDNS service to adopt TLD blocking. Today, we’ll be taking a look at how NextDNS could be used to block TLDs.

https://interisle.substack.com/p/how-to-protect-against-phishy-top-b41

#phishing #cybercrime #blocklisting #tld #domainnames #dnsabuse