Europeans, Get Your .EU Domains All In Greek!

Domain names entirely in Greek script are now available from the .eu registry, EURid, with the launch this week of .ευ.

.ευ is the third top-level domain launched by EURid with the original .eu and then the Cyrillic version of .eu, .ею, in June 2016. Now there’s a Greek version too. And following changes to eligibility last month, citizens of a European Union country anywhere in the world can not only register .eu domain names but also .ευ.

“The .eu in Greek will enable end-users to enjoy the full Internationalised Domain Names experience in Greek, as Greek domain names will be registered under the Greek extension,” said Giovanni Seppia, EURid External Relations Manager.

“We worked hard to have the .eu in Greek delegated with ICANN/IANA and we are grateful to our industry peers who supported us throughout a process that has lasted a decade. We are delighted to add the Greek extension to the list of features for our registrars and registrants.”

All domain names registered under .ευ must be in Greek script and EURid will fully enforce the basic rule that the second-level script must match the top-level script. This means that any current domain names registered in Greek under .eu (Latin string) will undergo a three-year ‘script adjustment’ phase. All policies, procedures and features currently available for .eu (such as transfers, bulk transfers, multiyear, DNSSEC, registry lock, etc.) will also apply to .ευ.

For more information, EURid has a dedicated .ευ page at: https://eurid.eu/en/register-a-eu-domain/guidelines-eu-greek/

Keyword Researcher

U.S. Supreme Court To Decide If Adding .COM Makes A Protected Trademark

The U.S. Supreme Court has agreed to hear an appeal to decide if adding “.com” to a generic term can make it trademarkable. The case involves the online hotel reservation site Booking.com who was prevented by the U.S. Patent and Trademark Office from trademarking the site’s name as it was too generic to deserve legal protection, reports Reuters.

Booking.com, based in Amsterdam, began using its name globally in 2006 and has filed trademark applications in 2011 and 2012.

A tribunal of the PTO rejected those applications in 2016, “saying Booking.com referred generically to the common meaning of booking lodging and transportation and cannot be used exclusively through a federal trademark registration,” reported Reuters.

The Reuters report notes that under “U.S. law, only terms that distinguish a particular product or service from others on the market can be trademarked.” Under this law, called The Lanham Act, trademark registration for generic terms are banned. Booking.com, reports the ABA Journal, argues the addition of “.com” to the generic term makes it a protectable trademark.

“The agency noted that federal courts have rejected trademarks for other similar names, such as hotels.com, mattress.com and lawyers.com.”

There followed an appeal by Booking.com who presented the results of a survey finding three-quarters (74%) “of consumers identified Booking.com as a brand name. The Richmond, Virginia-based 4th U.S. Circuit Court of Appeals sided with the company last February because the name as a whole is understood by the public to refer to a business.”

According to the PTO, the ABA Journal notes, the 4th Circuit decision allowed Booking.com “to rely on survey evidence of brand identification to obtain federal trademark protection for a generic term, thus ‘freez[ing] out’ its competitors from using domain names that accurately categorise their services.”

Booking.com, “asking the Supreme Court to let the 4th Circuit ruling stand, called itself ‘one of the best-known travel and accommodations services in the United States.’” It also said that “decisions on whether a term is generic are factual in nature and should be decided on a case-by-case basis,” according to the ABA Journal.

“Appealing to the Supreme Court, the Patent and Trademark Office said that the addition of ‘.com’ to a generic word does not render it distinctive.”

“The PTO itself conceded at the administrative level that ‘it is impossible to use BOOKING.COM in a grammatically coherent way to refer generically to anything,’ and that ‘it is not at all logical to refer to a type of product or service as a ‘booking.com,’ ” the company’s brief said.

PIR Eyeing Growth Opportunities Following Ethos Capital Takeover

Public Interest Registry and the Internet Society announced Wednesday that they had agreed for PIR, the .org registry, to be taken over by Ethos Capital, an investment firm, based in the United States.

.ORG was established in 2002 when the Internet Society won a competitive bidding process for the .ORG registry and established PIR to manage and operate the .ORG domain.

The takeover sees PIR excited for their future and allowing the Internet Society to focus on their core activities with a long term financial endowment and security.

Speaking to Domain Pulse, PIR’s CEO Jon Nevett said they’re “excited for the future and the new opportunities the new ownership brings.” Nevett went on to say they’ll be looking at other TLDs that have a similar mission to PIR, without naming any, with a view to future takeovers and growth.

“We’ll be looking at other mission-based TLDs that are consistent in their mission with .org and that are focussed on doing good on the internet,” said Nevett.

Speaking to the issue of an increase in the registry fee that has been discussed in the domain name community in recent months, Nevett went on to say “the takeover is not a masterplan to increase the .org fee and any future increases would be reasonable and fair.” It was a point reiterated by a spokesperson for Ethos who said there would be no dramatic price increases, not least because of competitive pressures in the market, namely, a wide range of other choices of TLDs.

“For the most part, it’s just a change in ownership,” said Nevett. “The same management team will exist.”

“Since the inception of Public Interest Registry, our mission has been to enable the .ORG Community to use the Internet more effectively and change the world for the better,” stated Jon Nevett, CEO of Public Interest Registry in a joint announcement. “That will not change. We have enjoyed a long and successful relationship with the Internet Society, and are thrilled that we will be able to continue – and expand – our important work with Ethos Capital while sustaining our commitment to the .ORG Community going forward.”

Vint Cerf, former Chairman of the Board of ICANN and founding President of the Internet Society, said in a statement: “When the Internet Society won the bid to operate the .ORG registry, it enabled a productive and sustainable future for the organisation. Public Interest Registry exercised its stewardship to the benefit of the registrants and the Internet Society’s mission. I am looking forward to supporting Ethos Capital and PIR in any way I can as they continue to expand the utility of the .ORG top-level domain in creative and socially responsible ways.”

Going forward, PIR and Ethos Capital are planning to launch several new initiatives aimed at promoting and supporting the .ORG Community, including:

  • Establishing a Stewardship Council that will serve to uphold PIR’s core founding values and provide support through a variety of community programs;
  • Launching a Community Enablement Fund to support the financing of current and additional initiatives undertaken by key Internet organisations; and
  • Expanding a program to award .ORG prizes to promote the success and positive impact of non-profit organisations.

“We are excited to support PIR’s mission and build upon the incredible work it has done to promote success and positive impact for the .ORG Community,” said Erik Brooks, Founder & CEO of Ethos Capital. “As part of our commitment to setting the gold standard of registry operations, we will be establishing a Stewardship Council that will serve to uphold PIR’s core founding values and provide support through a variety of community programs.”

“Importantly, throughout the transition and beyond, we are committed to ensuring complete continuity of PIR’s operations and enhancing the relationships PIR has established over the years. We look forward to continuing PIR’s longstanding partnerships and vendor affiliations to ensure domain operations run smoothly and without interruption.”

Sources have told Domain Pulse the takeover was initiated by Ethos, who along with other interested companies approached the Internet Society and PIR and submitted proposals. But Ethos was judged to offer the best deal and be the best steward for .org and the .org community going forward.

Registrations in .org have declined in recent years to 10.1 million at the end of the first quarter of 2019, down from 10.4 million from 2 years ago, according to Verisign’s Domain Name Industry Brief. But the decline isn’t confined to .org, but rather an industry-wide trend, particularly among the legacy generic top-level domains (gTLDs), with the exception of .com. PIR also has 6 new gTLDs that have been delegated, 5 of which have entered general availability with the 2 largest being .ong and .ngo, both currently with 3,201 domains according to nTLDstats, as well as .ОРГ (1,151) being the only other with more than 1,000 registrations.

Ethos Capital describes themselves as a private investment firm focusing on companies in which technology can be used to automate, optimise and transform traditional business models into faster growing, more efficient organisations. Their founder and CEO, Erik Brooks worked at Abry Partners for 20 years before founding Ethos this year and worked on the deal that saw Abry, another private equity firm, take over Donuts, which is where it’s believed while working alongside former ICANN CEO and President Fadi Chehadé he gained an interest in the domain name industry.

In an announcement from PIR, Ethos Capital commented they are “committed to ensuring complete continuity of PIR’s operations, to maintaining the strong community relationships PIR has established over the years, and to continuing PIR’s longstanding partnerships and vendor affiliations to ensure domain operations run smoothly, without disruption to the .ORG Community or other generic top-level domains operated by the organisation.”

PIR is also likely to seek to change from a not-for-profit to a for profit organisation with their announcement noting that PIR will consider seeking B Corporation certification, a certification businesses can acquire “that meet the highest standards of verified social and environmental performance, public transparency, and legal accountability to balance profit and purpose.”

Keyword Researcher

A Call to Action on Advancing Cyberstability: Global Commission Launches Final Report

[news release] The Global Commission on the Stability of Cyberspace (GCSC) issued today [12 Nov] its final report Advancing Cyberstability, as part of a panel held at the 2019 Paris Peace Forum. Stef Blok, Minister of Foreign Affairs of the Netherlands, Jean-Yves Le Drian, Minister of Europe and Foreign Affairs of France, and David Koh, Chief Executive, Cyber Security Agency of Singapore, launched the report and placed the findings in the context of ongoing global efforts to enhance international security in cyberspace. Commission Co-Chairs, Michael Chertoff and Latha Reddy, along with former Chair Marina Kaljurand, presented recommendations and commented on the strategic approach and work of the GCSC.

This report represents the culmination of the Commission’s work over the last three years, offering a cyberstability framework, principles, norms of behavior, and recommendations for the international community and wider ecosystem.

“Earlier this year, 28 EU-member states backed a framework for sanctions targeting malicious cyber activities. Today, the GCSC consolidates a set of norms and principles for behavior of state and non-state actors. This is an important contribution to a digital space in which order and peace must prevail,” commented Stef Blok, Minister of Foreign Affairs of the Netherlands, a co-founder of the GCSC. “Since stability in cyberspace is directly linked with stability in the ‘real world,’ such a cyberstability framework is more crucial than ever. The next step in this multilateral process is to collect evidence and hold those who break the rules responsible. Together we must increase accountability and combine all pieces of the puzzle, between governments, tech and security firms, and civil society.”

The work of the Commission originated out of a desire to address rising social and political instability as a result of malicious actions in cyberspace. The situation has further deteriorated as evidenced by the rise in the number and sophistication of cyber attacks by state and non-state actors, which increasingly puts the considerable benefits of cyberspace at risk. In this increasingly volatile environment, there is an apparent lack of mutual understanding and awareness among communities working on issues related to international cybersecurity. With this report, the GCSC seeks to contribute to international efforts to address these challenges.

“Cyberstability and governance are inextricably and naturally linked,” added Michael Chertoff, GCSC Co-Chair. “As the digital age evolves so rapidly, governments and societies lack the desired level of exchange, let alone the decision-making processes needed to ensure the stability of cyberspace. The GCSC’s effort complements the work of other organizations, and will serve to influence how critical actors can engage with one another and collaborate towards a stable cyberspace.”

Emphasizing a concerted, multistakeholder approach, the framework reflects technological, product and operational measures, as well as a focus on behavioral change required among all stakeholders.

“The publication of this final report is not the end, but rather the beginning of a new profound effort toward implementing the suggested principles, norms, and recommendations,” stated Latha Reddy, GCSC Co-Chair. “The onus is on all stakeholders—governments, industry, civil society—to collaborate, adopt and implement accepted practices to help strengthen cyberstability. The stakes are higher than ever, which dictates a response in kind.”

Following the release, the GCSC members will continue to advocate and engage with their respective communities. Input and feedback from these groups were reflective of interactions with both state and non-state experts and will form the basis of advocating for the report going forward.

For an overview, see the Fact Sheet and for a copy of the report, visit Advancing Cyberstability.

About the Commission

Launched at the 2017 Munich Security Conference, the mission of the Global Commission on the Stability of Cyberspace is to develop proposals for norms and policies to enhance international security and stability and guide responsible state and non-state behavior in cyberspace. The Commission helps to promote mutual awareness and understanding among the various cyberspace communities working on issues related to international cybersecurity. For more information, please visit www.cyberstability.org.

This news release was sourced from: https://cyberstability.org/news/a-call-to-action-on-advancing-cyberstability-global-commission-launches-final-report/

WebHostingPad

Another 6-Figure DNJ Chart Topper

Domain Name Journal logo

As the weather cools down in the northern hemisphere, and heats up in the southern, the number of big domain name sales is heating up and for the third “week”, or should it be “chart”, in a row there’s been a 6-figure sale to top the Domain Name Journal chart of top reported sales. For the fortnight ending 13 October, the biggest sale was sexe.com, which sold for €210,000 ($233,100) through Sedo.

Coming in second and third was cryptoinsurance.com and sudoku.net, which sold for $70,000 and £42,500 ($54,825) through BlockchainNames and Sedo respectively.

On the aftermarket side of things, Uniregistry came out top with 9 sales while Sedo came second with 8 sales. For top-level domains (TLDs) there were 14 .com sales, 2 for .net and one each for .co.uk, .world, .co and .it.

To check out the Domain Name Journal chart of top reported sales for the fortnight ending 13 October in more detail, go to: http://dnjournal.com/archive/domainsales/2019/20191023.htm

Keyword Researcher

Explosive Allegations Made Against Directors Of Wasteful Spending As auDA Gets Second Choice Chair

auDA logo

It was supposed to be a new beginning. But on the day when a new auDA Board, including a new Chair, was announced, it appears there are still recriminations from those in the past with explosive allegations of what could at worst amount to corruption by outgoing directors. Not only that, the new CEO was second choice, with the first choice as Chair overruled due to what can be best described as a personality conflict.

First, today. A new Board has been appointed. The new Chair, Alan Cameron, was appointed after an executive search for the new Board. However the first recommendation for Chair, a high profile female company director, was overruled due to what Domain Pulse has been told can be best described as a “personality conflict” with at least one person on the outgoing Board.

Cameron has had a strong background having been appointed Chair of NSW Law Reform Commission in 2015 and prior to that was head of the Australian Securities and Investments Commission (ASIC) from 1993 to 2000. According to what is believed to be his LinkedIn profile he has been an Executive Director at Macquarie Group since 2007.

The new Board has stronger executive experience than previous Boards, but only a few Directors on the 9-member Board appear to have any background in the domain name industry. Also, auDA members were told there would be 6 independent appointed directors, one of which would be the Chair, and 4 elected directors. However in their announcement of the new Board today there were only 3 elected directors, none of whom have a background in domain investing which is sure to irk that community.

It also emerged today that a Freedom of Information (FOI) request in the name of Christopher Byron Leptos has been lodged on the Right to Know website, a website setup where the public can make requests for information on the goings on in government departments and their agencies, of which auDA, the .au policy and regulatory body, comes under through their connection with the Department of Communications and the Arts. The request has been timed 2 days out for the annual general meeting on 14 November, the last of which the outgoing Directors will attend.

Leptos was the former auDA Chair who walked out of a Board meeting in late July never to return with claims he was spurned in his request for more information on the then auDA CEO Cameron Boardman’s allegedly falsified academic qualifications. However it’s likely Leptos is not the person making the FOI requests as several of the requests relate negatively to him, but rather a disgruntled present or former Director, or even staffer, or both, with intimate knowledge of recent happenings at the Board level.

There were 6 FOI requests to the Department of Communications and the Arts dated 12 November in Leptos’ name, these relating to:

“serious allegations of bullying and intimidation committed by AUDA Chair Chris Leptos between May 2018 and June 2019 resulting in the resignation of a company secretary and an official complaint from a current AUDA staff member”

a “serious breach of governance and directors duty committed by AUDA director James Deck via his attempt to inappropriately access AUDA marketing funds, specifically” relating to an application using Deck’s position on the Board for “substantial marketing funds for his private business” and that former Chair Leptos “attempted to cover up and misrepresent the conduct of Deck”

a request for all relevant information on a direction from Departmental Officer Vicki Middleton instructing outgoing acting Chair Suzanne Ewart to “withdraw her application for Chair of the new AUDA board”

allegations of “verbal abuse directed at Departmental staff member Annaliesse [sic] Williams by AUDA directors Joe Manariti and James Deck at the ICANN meeting in Barcelona in October 2018” including amount of alcohol consumed by Manariti and Deck and response of the then Chair Leptos

an order by acting Chair Suzanne Ewart “to pay her A$10,000 per week despite there not being a Board resolution or budget for this to occur”, which didn’t include superannuation payments and was in addition to her Chair salary of $70,000 which would have taken her total salary “to $627,000 per year, making her the 9th highest paid public servant in Australia”

expense claims by the aforementioned Directors James Deck and Joe Manariti relating to their attendance at the ICANN meeting in Barcelona where the FOI request alleges Deck and Manariti’s flights were “booked through Manariti’s wife [sic] travel agency (African Luxury Safaris) at 30% more than market rates and equivalent airfares and contrary to AUDA travel policy” with “4 nights in Prague, 4 nights in Paris and 7 nights in Barcelona which shows that only 3 meeting [sic] were conducted over the 18 day trip”, “hotel accommodation in Barcelona at A$1500 per night for a luxury suite, despite other AUDA staff and directors staying in A$250 per night accommodation and a “total expense claim showing the AUDA was charged over $35,000 for this travel for 3 meetings in 18 days”

allegations relating to the above travel by Manariti and Deck that “AUDA incurred [an FBT liability] totaling over $11,000 as the travel was of a personal nature and not approved by AUDA and that the Chair of AUDA Suzanne Ewart covered up this liability”.

Liquid Web WW

Business Slow On The Uptake In Securing Their Domain Names With Registry Locks

The option of reducing the risk of domain names being hijacked by cybercriminals by signing up to a Registry Lock has been available through many top-level domains for several years now, but the uptake among brands, to which they are mostly aimed, has been very slow.

This is the subject of a recent blog post from SIDN, the manager for the Netherlands ccTLD .nl, who note that only 150 of the 5.8 million .nl domain names are secured with .nl Control, SIDN’s name for their Registry Lock.

While there is a cost involved in securing a domain name with a Registry Lock due to extra costs incurred, mostly in time by registrars and registries, the cost is inconsequential to business. And the costs of having one’s domain name hijacked by criminals can be major through loss of reputation and sales. Businesses known to have suffered having their domain name hijacked, and which the option of a Registry Lock likely would likely have prevented, in recent years even include Google, among other high-profile brands.

Despite the benefits of a Registry Lock and that to date they haven’t proven popular, they do protect against all hacks, including the hacking of a hoster or registrar. SIDN in their post say by “offering registry locks to customers, a registrar is effectively implying that its own systems are not entirely secure against hacking.”

They work by requiring any changes in a domain name record to be verified before the change can happen.

SIDN also note another problem: “the lack of good (international) e-IDs.” SIDN offer than own eID – eHerkenning in the Netherlands, but this is “only just starting to gather momentum as a business eID. And, without an e-ID system that everyone’s at home with, old-fashioned paperwork is the only way of verifying a customer’s identify in order to set up a registry lock.”

And when it comes to Registry Locks there’s a lack of standardisation which is an issue for the industry as well. A .com lock doesn’t work the same as a .nl lock, so things can get complex for an international company with multiple domains. Standardisation, SIDN note, was an issue of discussion between registries and registrars at the CENTR Registrar Day: why can’t the national registries get together and agree on a uniform registry lock?

SIDN go on to say that “as cybersecurity awareness grows and the value of a domain name is recognised more widely, the business community is coming to see an unprotected name as a vulnerability. It’s also increasingly common for a domain name to be pledged as collateral for a business loan. And the desire to make sure that a pledged domain name is completely secure is understandably strong. The rise of electronic IDs, such as eHerkenning, is also significant. By reducing the administrative burden associated with a registry lock, e-IDs are lowering the threshold to getting a name locked. It comes as no surprise, therefore, that various national registries represented in Brussels announced plans to introduce locks or to expand their existing services.”

Liquid Web WW

Carrot.com Sells Big in Half Million Dollar Sale

Domain Name Journal logo

It was 7 weeks in a row where the top reported domain name sale was below the 6-figure mark, and some weeks not even reaching $50,000. And now, it’s 2 weeks in a row for 6-figure sales. Last week saw glance.com top the chart selling for $160,000 and for this week, the week ending 29 September, there was a half million dollar sale topping the chart, with carrot.com coming out tops selling for $565,000 through Name Ninja, putting it firmly in the top 10 sales for the year to date. The buyer, reports DNJ, was a popular SaaS firm named Carrot that previously used oncarrot.com.

But while carrot.com sold big, it didn’t drag any other sales along with it, as the second and third biggest sales were kura.com, which sold for $68,495 through NameJet and litres.com ($37,500 through Uniregistry).

On the aftermarket side of things there were 6 sales each through NameJet, Uniregstry and Sedo. On the top-level domain (TLD)side of things there were 17 .com sales as well as 2 .co and one .ai sales.

To check out the Domain Name Journal chart of top reported sales for the week ending 29 September in more detail, go to: http://dnjournal.com/archive/domainsales/2019/20191009.htm

Keyword Researcher

ICANN Announces First Meeting Location For 2022, Third For San Juan

ICANN announced at their public meeting last week in Montreal that the first meeting of 2022, ICANN73, will be held at the Puerto Rico Convention Center from 5 to 10 March. It will be the third meeting to be held in San Juan with previous meetings held in June 2007 (ICANN29) and March 2018 (ICANN61).

The next of ICANN’s public meetings, ICANN67, will be held in Cancún, Mexico from 20 to 25 March 2021 and will include the annual Community Forum, which is usual for the first meeting of the year.

As ICANN explains, they hold three public meetings each calendar year in different regions of the world. The San Juan meeting will represent the North America region. ICANN Public Meetings are a central part of ICANN’s multistakeholder model, and provide a venue for progressing policy work, conducting outreach, exchanging best practices, negotiating business deals, and interacting with other members of the ICANN community, Board, and organization.

Usually comprised of more than 400 different sessions, these meetings are an important opportunity for individuals and representatives from ICANN’s various stakeholder groups to introduce and discuss issues related to the ICANN policy development process. Participants may attend either in-person or remotely. Meetings are open to everyone, and registration is free.

Keyword Researcher

Short-Lived Domains Play Major Part In Phishing Campaigns: Akamai

The latest Akamai State of the Internet report focuses on phishing and includes how short-lived domain names play their part. Phishing is a huge cost to brands large and small, and even individuals. Ever escalating defences against phishing are being met with ever escalating efforts by criminals with phishing having “evolved from being an email-based attack to one that now includes mobile devices and social media. This evolution is leveraging the world’s increasingly connected existence as a means of rapid propagation. This means that criminals now have more options when it comes to targeting their victims.”

Akamai Technologies logo

In their report, Akamai explain “Phishing attacks require two things: a lure and a landing. There are times when the lure is also the landing, so the technical elements of an attack depend on the phishing campaign itself, the scope, and the targets.”

“A lure gets the victim’s attention, by way of a warning, an urgent request, or some other message invoking a sense of alarm or concern. Once the lure works, the victim needs to land, and that is where the final phase of the attack happens.”

“The landing can be anything, including malicious attachments or links, a perfect clone of a bank’s website, a retail portal, or a simple form requesting information in exchange for some type of prize or reward.”

“Most landing elements in any given phishing attack involve a platform, better known as a kit. For this report we’ll focus on phishing kits. As a whole, phishing kits are anything but consistent.”

There are 2 types of phishing: generic phishing attacks, of which botnets are part, which are a numbers game where the criminal blasts their lure out to thousands — sometimes tens of thousands — of potential victims; and spear phishing attacks that usually only target one person or a group (such as a retailer’s customer base or a group of activists). Sometimes spear phishing attacks target a whole company and are mistaken for generic phishing attacks at first. What sets them apart from generic attempts, however, are the granular details. Spear phishing is commonly seen in nation-state attacks, corporate espionage campaigns, and fraudulent financial attacks in which the ultimate goal isn’t basic information gathering, but something more destructive or consequential.

And here’s where domain names come into phishing. The report explains “sometimes phishing kits are uploaded to a compromised website. When this happens, the attacker has exploited a vulnerability in the website’s CMS or on the server itself. Hijacking a domain like this to host a phishing kit takes advantage of the URL’s positive reputation and age, which enables the attacker to remain hidden longer. In other instances, the criminal will choose to purchase a domain and hosting package of their own.”

The report notes how “age is important when phishing URLs are considered. Newly created domains — those that are less than a month old — are often flagged as suspicious by security products.”

Explaining how criminals take advantage of short-lived domains, researchers track domain registrations and report domains frequently if they raise any red flags. The criminals take advantage of top-level domain (TLD) sales at a given registrar, buying in bulk and rotating through their collection during a given phishing run. This allows them to keep operating even if one of their domains — or several of them — are taken down or flagged.

The financial benefits can be significant. The report notes how “in instances like these, a domain that lasts for a few days could yield hundreds of victims, but even those that only last a few hours still return net positive results to the criminal. This is because after the initial outlay of expenses (domains, phishing kits, and perhaps hosting), a criminal only needs a few victims to get their money back. Everything after that is pure profit.”

There’s a race that goes on between the criminals and security teams looking to shut down their operations. “Although security teams report phishing URLs regularly, some criminals choose web hosts and domains where those reports are simply ignored. Yet, as the data shows, most kits have a short life, and the window of opportunity for most phishing kits is growing smaller.”

“Over a 60-day period, Akamai observed more than 2,064,053,300 unique domains commonly associated with malicious activity. Of those, 89% had a lifespan of less than 24 hours, and 94% had a lifespan of less than three days.”

“Considering the phishing domains, notable short-lived TLDs such as .gq, .loan, and .tk have a median lifespan of 24 hours and mean lifespan of less than two days. Looking at the data, the availability of cheap name registration on TLDs such as these is a boon to criminals; it makes detection more difficult because the names live in traffic so briefly.

“The high number of .com domains with short lifespans can be attributed to names used for botnet traffic, with large numbers of new names used daily (most of which are not registered and so do not resolve).”

To download the Akamai State Of The Internet report called Phishing — Baiting the Hook, see: akamai.com/us/en/multimedia/documents/state-of-the-internet/soti-security-phishing-baiting-the-hook-report-2019.pdf

 Keyword Research Tool