Security Risk: .mov and .zip Domains Can Lead to Malware
We want to bring your attention to a concerning development involving the use of new top-level domains (TLDs) introduced by Google. Specifically, threat actors are leveraging TLDs such as .mov and .zip to target organizations, posing a significant security risk.
The Deceptive Nature of .mov and .zip Domains:
The primary concern lies in the fact that .mov and .zip are widely recognized file extensions for internet-shared files. Exploiting this familiarity, threat actors are employing .mov or .zip as domain extensions, allowing them to create URLs that masquerade as filenames with .mov or .zip extensions. This clever tactic enables them to purchase domains resembling familiar filenames like “update.zip” and trick unsuspecting victims into downloading malware during phishing campaigns. Our security partners at Arctic Wolf have already identified numerous instances where threat actors have misused .mov and .zip domains in successful phishing campaigns.
The Implications for your Organization’s Security:
Given the deceptive nature of .mov and .zip domains, it is imperative for organizations to understand the potential consequences they may face. Falling victim to a phishing campaign can result in severe repercussions, including unauthorized access to sensitive information, financial loss, and damage to your organization’s reputation. Therefore, taking proactive measures to mitigate these risks is of utmost importance.
Here’s How to Address this Security Risk:
To safeguard your organization from these targeted threats, we recommend the following steps:
Raise Awareness: Educate your employees about the risks posed by .mov and .zip domains and the importance of scrutinizing URLs before clicking on them.
Implement Robust Security Measures: Utilize reliable cybersecurity solutions that include advanced threat detection, anti-phishing tools, and email filtering capabilities to identify and block malicious links.
Stay Updated: Regularly update your organization’s security software, ensuring it incorporates the latest threat intelligence and detection mechanisms to stay ahead of evolving cyber threats.
Conduct Security Training: Conduct regular security training sessions to empower your employees with the knowledge and skills necessary to identify and respond to phishing attempts effectively.
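To make the email-filtering recommendation concrete, the following added example (not code from TSI or Arctic Wolf) flags links whose domain ends in .zip or .mov while ignoring ordinary downloads where the extension is only in the URL path. The function names and the sample message are constructed for illustration, and the assumption that a mail client may auto-link a bare name such as "update.zip" is ours.

```python
import re
from urllib.parse import urlsplit

# TLDs named in the article that double as common file extensions.
FILE_LIKE_TLDS = {"zip", "mov"}

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)
# Bare names such as "update.zip" that are not part of a longer host, path or address.
BARE_RE = re.compile(
    r"(?<![\w/@.-])((?:[a-z0-9-]+\.)+(?:zip|mov))(?![\w-]|\.\w)", re.IGNORECASE
)


def url_host(url):
    """Lower-cased hostname of a URL, or '' if it cannot be parsed."""
    try:
        return (urlsplit(url).hostname or "").rstrip(".").lower()
    except ValueError:
        return ""


def find_file_like_links(text):
    """Return (kind, link, host) for links whose *domain* ends in .zip/.mov.

    A URL such as https://downloads.example.com/update.zip is not reported:
    there the extension is in the path, and the host is example.com.
    """
    hits = []
    for match in URL_RE.finditer(text):
        url = match.group(0).rstrip(".,;:!?)]")
        host = url_host(url)
        if host.rpartition(".")[2] in FILE_LIKE_TLDS:
            hits.append(("url", url, host))
    # Blank out explicit URLs, then look for bare names a mail client could
    # auto-link (assumption). Genuine attachment names also match, so treat
    # these as "review" signals rather than automatic blocks.
    remainder = URL_RE.sub(" ", text)
    for match in BARE_RE.finditer(remainder):
        hits.append(("bare", match.group(1), match.group(1).lower()))
    return hits


# Constructed sample message body (not taken from a real campaign).
SAMPLE = (
    "Please install the patch from https://update.zip/ today.\n"
    "Mirror: https://downloads.example.com/files/update.zip\n"
    "The trailer is at holiday.mov and the notes are in notes.txt.\n"
)

if __name__ == "__main__":
    for hit in find_file_like_links(SAMPLE):
        print(hit)
```

In a mail gateway, the "url" hits are the stronger signal; the "bare" hits are best used to add a warning banner or queue the message for review.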
As always, we’re here to function as your IT and cybersecurity partner, so if you need assistance with this issue, have any questions, concerns or feedback, please reach out to your account manager if you’re a TSI client. If you’re not currently a TSI client, please use our Contact Us form, and we’ll follow up and help you resolve this issue.
Stay vigilant, stay secure.

Chief Executive Officer
Christopher Souza, Chief Operations Officer at Technical Support International, provides the leadership and direction in operations and the overall general management for TSI. Christopher is resolute in increasing productivity and efficiency utilizing benchmarks to quantify progress and measure success. He is responsible for developing and executing strategies and processes fostering rapid, profitable and sustainable growth including market expansion while maintaining customer satisfaction.
Christopher has over 16 years of experience in the High Technology Sector. Prior to joining TSI, Chris was a Branch Manager and Director of Sales/Marketing for local IT and telecommunication providers. Christopher has earned his BS in Accounting from the University of Massachusetts Dartmouth and his MBA in E-Business from the University of Phoenix satellite campus in Braintree, MA.
