
Time-Sensitive Approval Required for Security Vulnerability Fix
We want to bring to your attention that threat actors are targeting organizations by using top-level
domains (particularly the .mov and .zip domains) that were recently introduced by Google, which potentially
poses a significant security risk to your organization.
The primary concern arises from the fact that .mov and .zip are commonly used file extensions for
internet-shared files. By using .mov or .zip as a domain, threat actors can deceive victims by
disguising URLs as filenames with .mov or .zip extensions. This allows them to purchase a .mov or .zip
domain resembling a familiar filename (e.g., "update.zip") and trick victims into downloading malware
during phishing campaigns. Our security partners at Arctic Wolf have already identified instances of
.mov/.zip domains being misused in successful phishing campaigns, and considering past phishing
campaigns, we anticipate more threat actors will exploit these TLDs for phishing domains in the near
future.
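To illustrate the distinction described above, the following added example (not TSI's or Arctic Wolf's tooling) separates links whose hostname sits in the .zip or .mov TLD from links that merely point at a .zip or .mov file on an ordinary domain. The log format, field names and sample lines are constructed assumptions for the demonstration.

```python
import re
from urllib.parse import urlsplit

WATCHED_TLDS = {"zip", "mov"}  # the two TLDs named in the advisory

# Constructed sample lines (hypothetical mail-gateway log, not real data)
SAMPLE_LINES = [
    'msg=1001 link="https://update.zip/" subject="Patch available"',
    'msg=1002 link="https://files.example.com/releases/update.zip"',
    'msg=1003 link="http://Holiday-Video.MOV/watch"',
    'msg=1004 body="please open update.zip attached to this mail"',
    'msg=1005 link="https://example.org/about"',
]

URL_RE = re.compile(r'https?://[^\s"<>]+', re.IGNORECASE)
# Bare token that reads as a filename but is also a valid name under a watched TLD
BARE_RE = re.compile(
    r'(?<![\w./@-])([a-z0-9-]+(?:\.[a-z0-9-]+)*\.(?:zip|mov))(?![\w-])',
    re.IGNORECASE)

def classify_url(url):
    """Return 'watched-tld-host', 'file-in-path' or 'other' for one URL."""
    parts = urlsplit(url)
    host = (parts.hostname or "").rstrip(".").lower()
    if host.rsplit(".", 1)[-1] in WATCHED_TLDS:
        return "watched-tld-host"      # the domain itself ends in .zip/.mov
    last_segment = parts.path.rsplit("/", 1)[-1].lower()
    if "." in last_segment and last_segment.rsplit(".", 1)[-1] in WATCHED_TLDS:
        return "file-in-path"          # ordinary domain serving a real file
    return "other"

def scan_line(line):
    """Return (token, verdict) pairs for every URL or bare name in a line."""
    findings = [(m.group(0), classify_url(m.group(0)))
                for m in URL_RE.finditer(line)]
    remainder = URL_RE.sub(" ", line)  # avoid re-matching inside URLs
    findings += [(m.group(1), "bare-filename-like-name")
                 for m in BARE_RE.finditer(remainder)]
    return findings

if __name__ == "__main__":
    for line in SAMPLE_LINES:
        print(line.split()[0], scan_line(line))
```

Only the `watched-tld-host` verdict corresponds to the lookalike-domain case in this notice; `bare-filename-like-name` marks text that reads as a filename and would also resolve as a domain if turned into a link, so it is a candidate for review rather than a detection.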
Based on our assessment of the issue and the potential risk that it presents, we would like to
preemptively remediate the issue but will require your approval to do so.
We anticipate that this fix will take an hour to apply and will not result in any downtime.
As always, please reach out to your Account Manager with any questions you may have and thank you
for your attention to this matter. We are committed to ensuring the security of your organization and
look forward to following up with any actionable updates.
Get in Touch with TSI
For more information on how TSI can help your organization stay compliant with minimal disruption or if there’s anything we can help address, please give us a call at 508-543-6979 or send us a message here to get started.
