| Netcraft.com | Netcraft.com |
Attackers are leveraging behavioral science to shape their campaigns.
Netcraft expects this to intensify in 2026, making intent detection just as important as artifact detection.
https://vmblog.com/archive/2025/11/19/five-cybersecurity-predictions-for-the-year-ahead.aspx
🚨 NEW THREAT INTEL REPORT: A football sponsorship isn’t always what it seems. ⚽
Our latest research uncovers how Felix Markets used sports to launder legitimacy for a fraudulent investment platform.
https://www.netcraft.com/blog/fake-investment-platform-reputation-laundering-felix-markets
Google has filed suit against a Chinese-based phishing-kit platform behind toll-road & delivery scams. Meanwhile our team at Netcraft uncovered 17,500+ domains targeting 316 global brands.
Read how PhaaS is going industrial: https://www.netcraft.com/blog/inside-the-lighthouse-and-lucid-phaas-campaigns-targeting-316-global-brands
📞 “Hello, this is your bank…”
No it’s not.
Learn how PNC’s team spots these calls before they reach customers.
💡 Webinar Nov 17 – Reserve your spot:
🚨NEW RESEARCH🚨
Attackers don’t always need zero-days. Sometimes, all it takes is a single character.
Our researchers recently uncovered a phishing wave abusing the Japanese Hiragana character “ん” – a lookalike that resembles a forward slash or Latin “n.” By inserting it into domain names, attackers are creating URLs that appear legitimate at a glance but redirect victims to credential harvesters, fake crypto wallets, and malware downloads.
Our investigation traced more than 600 malicious domains leveraging this technique.
Why it matters:
Unicode confusion lets these domains slip past regex filters and automated scanners. Punycode encoding makes them DNS-valid and browser-friendly.
The tactic spreads fast, beyond crypto into travel, enterprise, and education. This is a textbook example of attackers weaponizing subtlety.
👉 Read our full analysis here: https://www.netcraft.com/blog/down-the-hiragana-hole-uncovering-a-new-wave-of-lookalike-domains