Cybercriminals are using .zip domains as a phishing scam to get you to visit a malicious website to retrieve personal information.
Recently, .zip top-level domains have become available for public purchase. A top-level domain is the final section of a domain name. So, in knowb4.com, “.com” is the top-level domain. Unsurprisingly, cybercriminals have begun purchasing and using .zip domains for their own malicious purposes.
In the coming months, we expect to see an influx of cybercriminals trying to take advantage of .zip domains in their phishing scams. Cybercriminals may use .zip domains to trick you into thinking you’re downloading a file instead of visiting a malicious website. If you click a malicious .zip link, cybercriminals can trick you into entering your sensitive information.
Follow the tips below to spot similar scams:
- Before you click a link, look at the top-level domain. If it’s a .zip domain, it could be a phishing link.
- Think before you click. Cyberattacks are designed to catch you off guard and trigger you to click impulsively.
- When you receive an email, stop and look for red flags. For example, watch out for emails that were sent outside of business hours and emails that contain spelling or grammatical errors.
Stop, Look, and Think. Don’t be fooled.
KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.
DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.