Back in 2014 (8th May, to be precise), Google applied to ICANN for ownership of the .zip TLD (Top Level Domain).

Ever since then, they have sat on that TLD and have done nothing with it. Until now…

Now, you can register almost any name as a .zip domain.

What could possibly go wrong with that?

officeupdate.zip couldn’t possibly be malicious, could it?

Scammers are going to be registering all sorts of fake .zip domains to help them distribute malware to unsuspecting web users.

Imagine someone receiving an “official” email from Microsoft informing them of the need to update their Windows Explorer due to a security issue.

Within the email is a link to explorer.zip.

The unsuspecting user clicks the link and, in doing so, allows all manner of malicious data to be downloaded from the web service that sits behind the URL.

explorer.zip – A real file, or a malicious domain?

A cursory search on the Google registry site reveals that a large number of interesting domains have already been bought…

But there are a lot of domains just waiting for someone to snap them up…

Google say that the .zip TLD is for “tying things together, or for moving really fast”.

However, I honestly cannot see any reason why anyone would want to buy a .zip TLD for a legitimate reason.

In corporate networks, I can foresee domain admins simply blocking access to any/all .zip TLDs, as there will be no way of knowing which are safe and which are malicious until it’s too late.

Home users however are going to be the ones hit hardest by this new raft of phishing-enabling links.

Unless you run a Pi-hole. With a Pi-hole you can block all .zip TLDs quite easily.
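As an added example (not code from the original post), here is a small Python check of the kind a mail filter or a pre-click scanner could apply: it pulls full URLs and bare file-looking tokens such as explorer.zip out of a message body and reports which of them would actually resolve to a .zip host if clicked. The sample email body is constructed, and the token-matching regex is an assumption of this example rather than anything the post specifies.

```python
import re
from urllib.parse import urlparse

# TLDs treated as risky because they collide with a common file extension.
# Only .zip is covered here, as in the post; extend the set as needed.
RISKY_TLDS = {"zip"}

# Matches either a full http(s) URL or a bare host-like token (word.tld).
# Bare tokens matter because mail clients and chat apps auto-link them,
# so the filename "explorer.zip" in plain text becomes a clickable domain.
TOKEN_RE = re.compile(r"""(?:https?://[^\s<>"']+|\b[\w.-]+\.[a-z]{2,}\b)""", re.IGNORECASE)


def host_of(token):
    """Return the hostname a token would be resolved to if it were clicked."""
    if token.lower().startswith(("http://", "https://")):
        host = urlparse(token).hostname or ""
    else:
        host = token
    return host.lower().rstrip(".")  # a trailing dot is the same name in DNS


def risky_tld(host):
    """Return the TLD if host ends in a risky TLD, otherwise None."""
    if "." not in host:
        return None
    tld = host.rsplit(".", 1)[-1]
    return tld if tld in RISKY_TLDS else None


def find_risky_links(text):
    """Return (token, host, tld) for every token in text that points at a risky TLD."""
    hits = []
    for match in TOKEN_RE.finditer(text):
        token = match.group(0)
        host = host_of(token)
        tld = risky_tld(host)
        if tld:
            hits.append((token, host, tld))
    return hits


# Constructed sample message; mixes a real-looking URL with bare archive names.
SAMPLE_EMAIL = """Please apply the attached update: explorer.zip
Full details at https://officeupdate.zip/patch and http://www.microsoft.com/update
The archive names KB5011.zip and report.pdf are unaffected unless linkified."""

if __name__ == "__main__":
    for token, host, tld in find_risky_links(SAMPLE_EMAIL):
        print(f"{token!r} -> host {host} (.{tld})")
```

Note that KB5011.zip is flagged even though it is only meant as a filename: that is exactly the ambiguity the post describes, since the reader cannot tell a file from a domain by looking at it.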

If you don’t know what a Pi-hole is, or how to build one – check out my earlier posts.

In the meantime – be even more vigilant with respect to the things you click.