Cybersecurity experts are raising concerns over Google’s new .ZIP and .MOV internet domains. The .ZIP domains have already been seen in use in phishing attacks. Google released these top-level domains recently, which means that anyone can register a .zip or .mov domain. The .zip TLD lets cyber criminals run phishing campaigns that abuse the fact that .zip is both a popular file extension and a top-level domain, so a string that looks like a file name can also be a working link. Domains such as officeupdate.zip and microsoft-office.zip have already been used in phishing campaigns. Researchers have also demonstrated how threat actors can make phishing URLs look like legitimate file downloads by using Unicode characters and the @ symbol in URLs. The recommendation from the SANS Internet Storm Center is to disable access to .zip domains entirely until the dust settles and the risks can be assessed.
https://medium.com/@bobbyrsec/the-dangers-of-googles-zip-tld-5e1e675e59a5
https://www.ghacks.net/2023/05/15/googles-zip-top-level-domain-is-already-used-in-phishing-attacks/
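To show why the Unicode-and-@ trick works and how a mail or proxy filter can flag it, here is an added example (not code from the linked articles) that extracts the host a browser would actually contact and reports the warning signs. The function name, the finding labels and the sample URLs (example.com, placeholder.zip) are constructed for illustration.

```python
import re
import unicodedata

RISKY_TLDS = {"zip", "mov"}  # the two TLDs discussed above

# Constructed samples; example.com and placeholder.zip are illustrative names only.
SAMPLE_DOWNLOAD = "https://example.com/downloads/update.zip"
SAMPLE_DECEPTIVE = "https://example.com\u2215downloads\u2215@placeholder.zip"


def analyze_url(url):
    """Return (host the browser would contact, list of finding codes)."""
    # The authority ends at the first real '/', '?' or '#'. A backslash also
    # ends it, because browsers treat it as '/' in http(s) URLs.
    m = re.match(r"^[A-Za-z][A-Za-z0-9+.-]*://([^/?#\\]*)", url)
    if not m:
        return None, ["not an absolute URL"]
    authority = m.group(1)

    # Everything before the last '@' is userinfo, not the destination.
    userinfo, at, hostport = authority.rpartition("@")
    host = re.sub(r":\d*$", "", hostport).lower().rstrip(".")

    findings = []
    if at:
        findings.append("userinfo")
    # Characters named "... SLASH" or "... SOLIDUS" (U+2215, U+2044, U+FF0F)
    # render like '/' but do not end the authority, so they hide the real host.
    if any(re.search(r"SLASH|SOLIDUS", unicodedata.name(ch, ""))
           for ch in authority):
        findings.append("slash-lookalike")
    if host.rsplit(".", 1)[-1] in RISKY_TLDS:
        findings.append("risky-tld")
    return host, findings


if __name__ == "__main__":
    for u in (SAMPLE_DOWNLOAD, SAMPLE_DECEPTIVE, "https://placeholder.zip/"):
        print(analyze_url(u), ascii(u))
```

The first sample is an ordinary download from example.com; the second looks almost identical on screen but resolves to the .zip host, because everything before the @ is treated as a user name.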
This segment was created for the It’s 5:05 podcast