There has been a notable increase in malicious campaigns launched from .es domains, which are primarily aimed at credential phishing and remote access trojans. Since January, 1,373 subdomains have hosted malicious content related to these campaigns. The majority of phishing attempts use email spoofing of known brands like Microsoft, primarily focused on workplace themes. Malicious subdomains are typically randomly generated, making them easier to identify. Despite the rise in .es domain abuse, its continued popularity remains uncertain, although the observed phishing tactics suggest a persistent trend.
Cybersecurity experts have reported a significant rise in malicious campaigns from .es domains, indicating a 19x increase, making it the third most common TLD for such activities.
Malicious .es domains host a high number of subdomains for credential phishing attacks, with 99% focused on this tactic, primarily through well-crafted email spoofing.
The rise of .es domains in cyberattacks indicates that domain abuse is shifting and evolving, highlighting how phishing tactics continue to prevail in the cyber landscape.
Collection
[
|
...
]