Why is the .US domain -- the country code top-level domain (ccTLD) for the United States -- consistently among the most prevalent in phishing domains?

And why is this okay, when other ccTLDs that also restrict registration to residents/citizens don't seem to have this problem? And when a fair number of .US domains are used to attack US government agencies? Today's story explores these questions:

Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only supposed to be available to U.S. citizens and to those who can demonstrate that they have a physical presence in the United States.

https://krebsonsecurity.com/2023/09/why-is-us-being-used-to-phish-so-many-of-us/

Why is .US Being Used to Phish So Many of Us? – Krebs on Security

@briankrebs

Hmm, so .us is just like .ly & .XYZ & .mov & .zip domains for ☣️? Huh.

I think I should do a new Bing🔴 Card 🤡🎡 for the SOC🧦 🐈🃏 😆☣️

🧵
👇
https://infosec.exchange/@infosec_jcp/110577970480550542

Perhaps making a bingo card for helping clean up some .us domains would be effective at the ccTLD level as a visual reference? Some ppl are more visual learners so. ¯\_(ツ)_/¯

@infosec_jcp 🆓🐦🐈🃏 done differently (@[email protected])


@infosec_jcp @briankrebs Uhm .. sry .. but .. .social exists? ;)

@hackbyte @briankrebs

You mean 'FreeWebHosting', from an Advertising company, I believe. Like a Tripod, Angelfire, MySpace, Friendster, etc.

Unless you are talking about the deprecated MARCOM terminology, Social media, from 15+yrs ago, that's run by Advertising Companies dressing up via fancy made up words to describe their AD / Profiling / LDAP / BBS like Platform that just hides the email address per user with a slightly different UI/UX & has UUEncoding/UUDecoding built in like the newsgroups, iGuess? 😆¯\_(ツ)_/¯

@infosec_jcp @briankrebs oh my fscking gosh ... no i'm absolutely _NOT_ talking about that...

More about like originary #fediverse services and sites like mastodon.social, firefish.social, friendica.social (sadly down) and lots of others.... mhhhhh ;)

@infosec_jcp I actually prefer the visualisation here... but it is outdated sadly. ;)

.oO( i came down and _actually_ joined the fediverse way back down when Google+ Died ... and first was on the common trek to #diaspora* .. from which i emancipated a (few?) years later ;))

@infosec_jcp But basically yes..... the greater #fediverse with all its bits and bobs .... isles and non-isles. ;)

Perhaps we need to #rebrand some #advertising companies who call themselves #SocialMedia as : #OligarchRunFreeWebHosting platform on #web1 💯💸 🤔
