In case .com, .org, .net, .info, and the hundreds of others available are not enough, Google just added .ZIP and .MOV to the list of top-level domain names.
Since these are also common file extensions, you need to be a little more careful when looking for phishing emails. Attackers can craft a link in an email that will appear to be a file name but is actually a link to a website they control.
Bleeping Computer offers the following example:
“First extract the test.zip file and then look for test.mov.”
While test.zip and test.mov appear to be file names, they are links to a website that prompts for a Microsoft login in a classic credential harvesting attack.
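A mail filter can check for this pattern before a message reaches the inbox. The Python below is an added example, not code from this post or from Bleeping Computer: it flags anchors whose destination host sits under .zip or .mov, plus filename-looking text outside any anchor that a mail client may turn into a link. The function and class names are hypothetical and the sample body is constructed from the sentence quoted above.

```python
import re
from html.parser import HTMLParser
from urllib.parse import urlsplit

RISKY_SUFFIXES = (".zip", ".mov")  # the two TLDs discussed in this post
# Filename-looking text such as "test.zip" that is not part of a longer URL or host.
BARE_NAME = re.compile(
    r"(?<![\w@/.-])([a-z0-9][a-z0-9-]*(?:\.[a-z0-9-]+)*\.(?:zip|mov))(?![\w-]|\.\w)", re.I)

class _BodyParser(HTMLParser):
    """Split an HTML body into (href, visible text) anchors and the text outside them."""
    def __init__(self):
        super().__init__()
        self.links, self.outside, self._href, self._text = [], [], None, []

    def handle_starttag(self, tag, attrs):
        if tag == "a":
            self._href, self._text = dict(attrs).get("href") or "", []

    def handle_data(self, data):
        (self.outside if self._href is None else self._text).append(data)

    def handle_endtag(self, tag):
        if tag == "a" and self._href is not None:
            self.links.append((self._href, "".join(self._text).strip()))
            self._href = None

def find_risky_links(html_body):
    """Return (kind, visible text, host) for anything that leads to a .zip/.mov host."""
    parser = _BodyParser()
    parser.feed(html_body)
    parser.close()  # flush trailing text that is not followed by a tag
    findings = []
    for href, text in parser.links:
        try:
            host = (urlsplit(href).hostname or "").rstrip(".").lower()
        except ValueError:  # malformed href, nothing to resolve
            continue
        if host.endswith(RISKY_SUFFIXES):
            findings.append(("anchor", text, host))
    # Assumption: a mail client or chat app may auto-link these bare tokens.
    for m in BARE_NAME.finditer(" ".join(parser.outside)):
        findings.append(("bare-token", m.group(1), m.group(1).lower()))
    return findings

# Constructed sample body, built around the sentence quoted above.
SAMPLE = ('<p>First extract the test.zip file and then look for '
          '<a href="https://test.mov/login">test.mov</a>.</p>'
          '<p>Docs: <a href="https://example.com/files/report.zip">report.zip</a></p>')
```

On the sample, the link to test.mov and the bare test.zip are reported, while the ordinary download link to report.zip on example.com is not, because its host is not under either TLD.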
Takeaway:
Yet another reason to not trust any links in an email.
Source: Bleeping Computer
Definitions:
Credential harvesting attack - A cyber-attack where an attacker attempts to obtain sensitive information, such as usernames and passwords, from a victim. This can be done through various methods, such as phishing emails, fake login pages, or social engineering tactics. The attacker can then use this information to gain unauthorized access to the victim's accounts or sensitive data.
Top level domain (TLD) - The last part of a domain name, which comes after the final dot. Examples of TLDs include .com, .org, .net, .edu, .gov, .mil, and .int.