You Can’t Always Trust a Dot-Gov Domain



dotgovIt may be easier than one thinks to register a dot-gov domain, according to KrebsOnSecurity. People have tended to regard urls with the top-level domain dot gov as generally reliable, but this may need to change.

KrebsOnSecurity says it “received an email from a researcher who said he got a .gov domain simply by filling out and emailing an online form, grabbing some letterhead off the homepage of a small U.S. town that only has a ‘.us’ domain name, and impersonating the town’s mayor in the application.” The US General Services Administration (GSA) is responsible for managing dot gov top-level domain registration, and the experimenter received the domain he asked for. The researcher chose Exeter, Rhode Island, for the “thought experiment,” and it appears that the US General Services Administration (GSA) did not contact the town to verify that the request came from them until some days after KrebsOnSecurity informed the GSA that they may have a problem.

We are accustomed to seeing government offices and agencies impersonated with a plausible name that comes with a dot-com top-level domain. A famous one about a decade ago was whitehouse dot com, which led to an adult site, and not to the President of the United States, whose domain of course is whitehouse dot gov. The giveaway in that case was the dot com top-level domain. But the experiment KrebsOnSecurity reports suggests that it may be disturbingly easy to spoof a dot gov domain: it appears that, at the time of the posting, houston.gov, losangeles.gov, newyorkcity.gov, and philadelphia.gov were all available.

Both GSA and the Cybersecurity and Infrastructure Security Agency (CISA) are investigating, and looking into ways of tightening domain registration. We urge everyone not to attempt this kind of experiment on their own, since it amounts to wire fraud, but the incident should open our eyes to fresh possibilities of social engineering. As fraudsters advance in cunning and ingenuity, new-school security awareness training becomes even more important to arm your employees with the healthy skepticism every organization needs to stay safe.

KrebsOnSecurity has the story: https://krebsonsecurity.com/2019/11/its-way-too-easy-to-get-a-gov-domain-name/


Discover dangerous look-alike domains that could be used against you! 

Since look-alike domains are a dangerous vector for phishing attacks, it's top priority that you monitor for potentially harmful domains that can spoof your domain.

Our Domain Doppelgänger tool makes it easy for you to identify your potential "evil domain twins" and combines the search, discovery, reporting, risk indicators, and end-user assessment with training so you can take action now.

DomainDoppelgangerResults-1Here's how it's done:

  • Get detailed results of look-alike domains found similar to your primary email domain
  • You can now quiz your users with your look-alike results
  • Get a summary PDF that contains an overview of the look-alike domains and associated risk levels discovered during the analysis
  • It only takes a few minutes to discover your “evil domain twins”!

Find Your Look-Alike Domains!

PS: Don't like to click on redirected buttons? Cut & Paste this link in your browser:

https://www.knowbe4.com/domain-doppelganger



Subscribe to Our Blog


Comprehensive Anti-Phishing Guide




Get the latest about social engineering

Subscribe to CyberheistNews