What is going on?
Since 2020, criminal groups from Vietnam have re-registered domain names and set up forwarding services for such domains to obtain social media credentials and more.
What is the size?
Our conservative estimate is that these criminals have re-registered around 50,000 domain names each week since 2020.
Why is it a problem?
They mostly use stolen credit cards to pay for these domain names, but we have witnessed other forms of payment fraud.
What is the impact on a reseller or registrar?
We have seen registrars and resellers incur massive financial losses.
Sometimes, we see resellers or registrars …
Recently we added the ScamAdviser feed to our DNS Abuse Monitoring system. Based on the input and experience from our customers, I thought it would be helpful to cover a few items.
ScamAdviser is a reputation-based feed that differs from the Google Safe Browsing feed. If Google marks a domain name as malicious, it is effectively no longer accessible, as many browsers will warn internet users not to visit the website.
ScamAdviser will inform you if the reputation of the domain name is poor. Of course, a lousy score depends on many factors, and ScamAdviser uses plenty. But a poor …
In this article/FAQ, I will explain the security threat dashboarding/monitoring.
What is it?
In the first beta phase, we will make the threat intelligence we download from Pulsedive available to our customers in the domain manager.
If you are a customer of Realtime Register you can join the beta program.
Please contact our support team for information.
As a customer, you will be able to see the active security threats.
Security threats could be phishing domain names or malware domain names.
The Abuse Dashboarding provides you with information that usually does not get reported to Registrars.
As a result, you …
We are currently working on a project to provide abuse monitoring information to our customers.
Giving our customers just the raw data is not helpful, so our goal is to contextualize the data.
We still have a long way to go, but the basics are there.
So what do I see right now on our platform?
- Malware (67%)
- Phishing (23%)
- The rest falls into somewhat general buckets like BEC fraud, DGA, botnets, dark lists, crypto mining, etc. Very low incidental percentages.
The above-mentioned data is from two years of monitoring.
On the left is displayed the overall abuse percentage since …
“Behavior reflects personality. The best indicator of future violence is past violence. To understand the “artist,” you must study his “art.” The crime must be evaluated in its totality. There is no substitute for experience, and if you want to understand the criminal mind, you must go directly to the source and learn to decipher what he tells you. And, above all: Why + How = Who.”
― John E. Douglas, Mindhunter: Inside the FBI’s Elite Serial Crime Unit
The above quote is also applicable when you deal with cybercrime investigations. Though registrars usually do not deal with serial killers, …