The dangers of newly registered domains to your business

The dangers of newly registered domains to your business

Cyberattacks continue to become more sophisticated every day, and hackers are constantly finding new ways to capture sensitive information from unsuspecting victims. Far too often, attacks involve a user clicking on a rogue link leading to a fraudulent website that steals data or unleashes destructive malware.

Security solutions such as antivirus software and firewalls already do a good job of blocking suspicious attacks. However, there are some malicious websites that are not yet flagged by security programs, and this is where blocking newly registered domains (NRDs) can come in.

What are NRDs?

According to cybersecurity company Palo Alto Networks, NRDs are websites that had only been registered or changed in the previous 32 days.

Out of 1,530 top-level domains (TLDs) analyzed by the company, such as .com, .uk, .cn, and .tk, more than 70% turned out to be suspicious, malicious, or potentially harmful to organizations. Palo Alto also found that NRDs are oftentimes abused by cybercriminals for malware distribution, phishing, spam, and typosquatting.

For instance, a domain that displays as mocrosoft.cn can be passed off by cybercriminals as a legitimate Microsoft page. Once users fall for this bait, hackers can easily steal confidential information from unsuspecting victims.

What makes NRDs a serious security threat?

Most of the domains used for malicious purposes are very short-lived; they can be up for only a few hours or a couple of days, and sometimes, even before any security software vendor can detect them. This is why blocking these suspicious domains is a necessary preventive security measure for businesses.

Compared to legitimate personal and business websites, fraudulent URLs tend to be much younger. And once they have been flagged by security vendors as malicious, they are immediately abandoned or shut down.

How can you protect your business from malicious NRDs?

#1. Block NRDs altogether

Although there might be instances when your employees will be unable to access new websites by legitimate entities, blocking NRDs altogether will still be a better choice for your business to mitigate the risk of cyberattacks.

#2. Block malicious TLDs

According to the researchers at Palo Alto, TLDs such as .to, .am, .pw, .la, and .in are among those that are more likely to host malicious content. By blocking access to websites that sport these domains, you’re significantly reducing the likelihood of malware contraction, phishing attacks, and other cyberthreats from infiltrating your IT infrastructure.

#3. Employee training

Limit the websites that your employees can access/visit. Train them on how to spot fraudulent websites. Make sure that your employees are only using websites that have existed for more than a month. For instance, websites such as gmail.com, office.com, and f1networks.com are websites that have been registered longer than a month, so they can be regarded as safe. There should only be few instances when a user has legitimate business reasons to contact a domain that has only been recently registered.

As much as possible, do not allow them to visit websites unrelated to their work. Inform them about the risks of accessing suspicious-looking URLs, such as malware contraction, or data theft. This way, they will help the company lessen the risk of cyberthreats.

Security threats such as malicious domains can cause a lot of problems for your business, and you can’t take any chances when it comes to your data. That’s where Binatech can help. Our network security solutions block inappropriate websites and content from entering your network, so you can have peace of mind when it comes to data safety. Contact us today to learn more!


Leave a comment!

You must be logged in to post a comment.

Getting the most out of cloud technology? Or don't even know what it is? Either way, our free eBook has answers.Click!
+