We want to bring to your attention that threat actors are targeting organizations using top level
\ndomains (particularly .mov and .zip domains) that were recently introduced by Google, which potentially
\npose a significant security risk to your organization.<\/p>\n
The primary concern arises from the fact that .mov and.zip are commonly used file extensions for
\ninternet-shared files and by utilizing .mov or .zip as a domain, threat actors can deceive victims by
\ndisguising URLs as filenames with .mov or .zip extensions. This allows them to purchase a .mov or .zip
\ndomain resembling familiar filenames (e.g., "update.zip") and trick victims into downloading malware
\nduring phishing campaigns. Our security partners at Arctic Wolf have already identified instances of
\n.mov\/.zip domains being misused in successful phishing campaigns, and considering past phishing
\ncampaigns, we anticipate more threat actors will exploit these TLDs for phishing domains in the near
\nfuture.<\/p>\n
Based on our assessment of the issue and the potential risk that it presents, we would like to
\npreemptively remediate the issue but will require your approval to do so.<\/p>\n
We anticipate that this fix will take an hour to apply and will not result in any downtime.<\/p>\n
As always, please reach out to your Account Manager with any questions you may have and thank you
\nfor your attention to this matter. We are committed to ensuring the security of your organization and
\nlook forward to following up with any actionable updates.<\/p>\n
For more information on how TSI can help your organization stay compliant with minimal disruption or if there\u2019s anything we can help address, please give us a call at 508-543-6979<\/a>\u00a0or send us a message here to get started.<\/p>\n<\/div>\n\t<\/div>\n<\/div>\n