EmailDiscussions.com - View Single Post - Google's .zip Top Level domain used in phishing attacks

unbob · 17 May 2023, 03:24 AM

Beware! Cyber criminals are using .zip (and .mov) domains in phishing campaigns ...

https://www.ghacks.net/2023/05/15/go...shing-attacks/

https://medium.com/@bobbyrsec/the-da...d-5e1e675e59a5

I'm using browser extension 'Block Site' where I added *.zip and *.mov for blocking. Works with Chrome, Edge, Firefox and Opera. Easy to test too!
https://webextension.org/listing/block-site.html

Update: better yet, do this ...

Open the uBlock Origin settings panel by clicking on the uBlock Origin icon in your browser's toolbar.

Select the "My filters" tab.

In the text field, add the following lines:

||*.zip^
||*.mov^

Click the "Apply changes" button to save the filter.

This filter will effectively block all domains with the .zip and .mov TLDs. However, be aware that blocking an entire TLD may also block legitimate websites that use that TLD.

17 May 2023, 03:24 AM	#1
unbob Senior Member Join Date: Oct 2006 Posts: 100	Google's .zip Top Level domain used in phishing attacks Beware! Cyber criminals are using .zip (and .mov) domains in phishing campaigns ... https://www.ghacks.net/2023/05/15/go...shing-attacks/ https://medium.com/@bobbyrsec/the-da...d-5e1e675e59a5 I'm using browser extension 'Block Site' where I added .zip and .mov for blocking. Works with Chrome, Edge, Firefox and Opera. Easy to test too! https://webextension.org/listing/block-site.html Update: better yet, do this ... Open the uBlock Origin settings panel by clicking on the uBlock Origin icon in your browser's toolbar. Select the "My filters" tab. In the text field, add the following lines: \|\|.zip^ \|\|.mov^ Click the "Apply changes" button to save the filter. This filter will effectively block all domains with the .zip and .mov TLDs. However, be aware that blocking an entire TLD may also block legitimate websites that use that TLD. Last edited by unbob : 23 May 2023 at 11:58 PM.