BrianKrebsSep 1, 2023

Why is the .US domain -- the country code top-level domain (ccTLD) for the United States -- consistently among the most prevalent in phishing domains?

And why is this okay, when other ccTLDs that also restrict registration to residents/citizens don't seem to have this problem? And when a fair number of .US domains are used to attack US government agencies? Today's story explores these questions:

Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only supposed to be available to U.S. citizens and to those who can demonstrate that they have a physical presence in the United States.

https://krebsonsecurity.com/2023/09/why-is-us-being-used-to-phish-so-many-of-us/

Why is .US Being Used to Phish So Many of Us? – Krebs on Security

Show threadUrsidinoj/The BjornsdottirsSep 1, 2023
@briankrebs I'm getting 403 flak off your site
Show threadBrianKrebsSep 1, 2023
@ellenor2000 come again? what's the issue exactly?
Show threadUrsidinoj/The BjornsdottirsSep 1, 2023
@briankrebs i try to click around and i am getting nondescript 403s.
Show threadBrianKrebsSep 1, 2023
@ellenor2000 can you give me an example of a link that is doing this?
Show threadUrsidinoj/The Bjornsdottirs
@briankrebs I'll give it 10 hours (I plan to sleep) and I'll get back to you if it's still doing it. Web stuff is super finicky.
Sep 1, 2023 at 3:57pmWeb