New phishing attacks may use .zip, .mov and other new Internet domains

Beware of fraudulent activities using the newly launched .zip and .mov top-level domains. Phishing attacks have already targeted well-known brands like Microsoft and Okta. Apart from phishing, the new .zip and .mov TLDs have also been used for various malicious purposes like hosting zip bombs, redirecting to YouTube videos, and offering file compression services.

Here is an example of email on an iPhone that seems to contain a file, but actually contains a link to a website on a .zip domain:

In Thunderbird, you can still hover over the link to see the complete URL in the status bar… but for many people it may not be obvious that this is a link and not a file:

Stay vigilant to protect yourself from email phishing attacks leveraging these new TLDs!

, ,

No comments yet.

Leave a Reply

Copyright © 2022 Zimbra, Inc. All rights reserved.

All information contained in this blog is intended for informational purposes only. Synacor, Inc. is not responsible or liable in any manner for the use or misuse of any technical content provided herein. No specific or implied warranty is provided in association with the information or application of the information provided herein, including, but not limited to, use, misuse or distribution of such information by any user. The user assumes any and all risk pertaining to the use or distribution in any form of any subject matter contained in this blog.

Legal Information | Privacy Policy | Do Not Sell My Personal Information | CCPA Disclosures