“.Zip” top-level domains draw potential for information leaks

Google’s announced sale of new TLDs that are also popular file extension formats, and the deployment of the “.zip” domain in particular, increases the risk that threat actors will develop new vectors for compromising victims. In early May 2023, Google released eight new TLDs, marketing the “.zip” domain as a way of letting an audience know that a domain’s owner is “fast, efficient, and ready to move.”

However, the move raises serious concern that domains using the “.zip” filename format could be confused with legitimate filenames, and vice versa, making it harder for users to recognize potential phishing attempts.

Source: Cisco Talos