Security Tip of the Week – Watch Out for .us Domains

Cybercriminals have been using over 20,000 .us top-level domains in phishing attacks to attack organizations worldwide.

Keller Schroeder Security Solutions Group Logo

The Interisle Consulting Group has published a report that cybercriminals have been using over 20,000 .us top-level domains in phishing attacks. A top-level domain is the final section of a domain name, such as “.com” in “knowbe4[.]com”. 

Although .us is the country code for the United States, cybercriminals have been using this domain to attack organizations worldwide such as Apple, Great Britain’s Royal Mail, and the Denmark Tax Authority. Cybercriminals may use these domains to trick you into thinking you’re visiting an official US website instead of a malicious one. Clicking a malicious .us link from cybercriminals could lead to malware or trick you into revealing sensitive information.

Follow the tips below to spot similar scams:

  • Never click a link in an email that you weren’t expecting.
  • Think before you click. Cyberattacks are designed to catch you off guard and trigger you to click impulsively. 
  • When you receive an email, stop and look for red flags. For example, watch out for emails that were sent outside of business hours and emails that contain spelling or grammatical errors.

Stop, Look, and Think. Don’t be fooled.


KnowBe4 Logo - Keller Schroeder Vendor Partner

KnowBe4 is the world’s most popular integrated platform for awareness training combined with simulated phishing attacks. Let Keller Schroeder show you how KnowBe4 has helped thousands of organizations just like yours manage the continuing problem of social engineering. Contact us today to learn more.


DISCLAIMER : Any non-technical views expressed are not necessarily those of Keller Schroeder or its employee-owners.

Share:

Join Our Mailing List

More Posts