{"id":14964,"date":"2023-06-28T01:21:11","date_gmt":"2023-06-28T05:21:11","guid":{"rendered":"https:\/\/tsisupport.com\/tsistaging\/?p=14964"},"modified":"2023-06-28T11:19:15","modified_gmt":"2023-06-28T15:19:15","slug":"security-risk-mov-and-zip-domains-can-lead-to-malware","status":"publish","type":"post","link":"https:\/\/tsisupport.com\/tsistaging\/?p=14964","title":{"rendered":"Security Risk: .Mov and .Zip domains can lead to malware"},"content":{"rendered":"<p><span style=\"font-weight: 400;\">We want to bring your attention to a concerning development involving the use of new top-level domains (TLDs) introduced by Google. Specifically, threat actors are leveraging TLDs such as .mov and .zip to target organizations, posing a significant security risk.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">The Deceptive Nature of .mov and .zip Domains:<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">The primary concern lies in the fact that .mov and .zip are widely recognized file extensions for internet-shared files. Exploiting this familiarity, threat actors are employing .mov or .zip as domain extensions, allowing them to create URLs that masquerade as filenames with .mov or .zip extensions. This clever tactic enables them to purchase domains resembling familiar filenames like &#8220;update.zip&#8221; and trick unsuspecting victims into downloading malware during phishing campaigns. Our security partners at Arctic Wolf have already identified numerous instances where threat actors have misused .mov and .zip domains in successful phishing campaigns.\u00a0<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">The Implications for your Organization&#8217;s Security:<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">Given the deceptive nature of .mov and .zip domains, it is imperative for organizations to understand the potential consequences they may face. Falling victim to a phishing campaign can result in severe repercussions, including unauthorized access to sensitive information, financial loss, and damage to your organization&#8217;s reputation. Therefore, taking proactive measures to mitigate these risks is of utmost importance.<\/span><\/p>\n<h2><span style=\"font-weight: 400;\">Here\u2019s How to Address this Security Risk:<\/span><\/h2>\n<p><span style=\"font-weight: 400;\">To safeguard your organization from these targeted threats, we recommend the following steps:<\/span><\/p>\n<ul>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Raise Awareness: <\/b><span style=\"font-weight: 400;\">Educate your employees about the risks posed by .mov and .zip domains and the importance of scrutinizing URLs before clicking on them.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Implement Robust Security Measures: <\/b><span style=\"font-weight: 400;\">Utilize reliable cybersecurity solutions that include advanced threat detection, anti-phishing tools, and email filtering capabilities to identify and block malicious links.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Stay Updated: <\/b><span style=\"font-weight: 400;\">Regularly update your organization&#8217;s security software, ensuring it incorporates the latest threat intelligence and detection mechanisms to stay ahead of evolving cyber threats.<\/span><\/li>\n<li style=\"font-weight: 400;\" aria-level=\"1\"><b>Conduct Security Training: <\/b><span style=\"font-weight: 400;\">Conduct regular security training sessions to empower your employees with the knowledge and skills necessary to identify and respond to phishing attempts effectively.<\/span><\/li>\n<\/ul>\n<p><span style=\"font-weight: 400;\">As always, we\u2019re here to function as your IT and cybersecurity partner, so if you need assistance with this issue, have any questions, concerns or feedback, please reach out to your account manager if you\u2019re a TSI client. If you\u2019re not currently a TSI client, please use our <\/span><a href=\"https:\/\/tsisupport.com\/contact\/\"><span style=\"font-weight: 400;\">Contact Us form<\/span><\/a><span style=\"font-weight: 400;\">, and we\u2019ll follow up and help you resolve this issue.<\/span><\/p>\n<p><span style=\"font-weight: 400;\">Stay vigilant, stay secure.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>We want to bring your attention to a concerning development involving the use of new top-level domains (TLDs) introduced by Google. Specifically, threat actors are leveraging TLDs such as .mov and .zip to target organizations, posing a significant security risk. The Deceptive Nature of .mov and .zip Domains: The primary concern lies in the fact&hellip;<\/p>\n","protected":false},"author":4,"featured_media":14961,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":"","_links_to":"","_links_to_target":""},"categories":[20],"tags":[131],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Security Risk: .Mov and .Zip domains can lead to malware - TSI Support<\/title>\n<meta name=\"description\" content=\"Learn more about how to protect your organization today from recent .zip and .mov domains and how they are used for phishing attacks.\" \/>\n<meta name=\"robots\" content=\"noindex, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Security Risk: .Mov and .Zip domains can lead to malware - TSI Support\" \/>\n<meta property=\"og:description\" content=\"Learn more about how to protect your organization today from recent .zip and .mov domains and how they are used for phishing attacks.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/tsisupport.com\/tsistaging\/?p=14964\" \/>\n<meta property=\"og:site_name\" content=\"TSI Support\" \/>\n<meta property=\"article:published_time\" content=\"2023-06-28T05:21:11+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2023-06-28T15:19:15+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2023\/06\/google-zip.png\" \/>\n\t<meta property=\"og:image:width\" content=\"1920\" \/>\n\t<meta property=\"og:image:height\" content=\"960\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/png\" \/>\n<meta name=\"author\" content=\"Chris Souza\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Chris Souza\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"2 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=14964\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/?p=14964\",\"name\":\"Security Risk: .Mov and .Zip domains can lead to malware - TSI Support\",\"isPartOf\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=14964#primaryimage\"},\"image\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=14964#primaryimage\"},\"thumbnailUrl\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2023\/06\/google-zip.png\",\"datePublished\":\"2023-06-28T05:21:11+00:00\",\"dateModified\":\"2023-06-28T15:19:15+00:00\",\"author\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/91ba4bc98e1a6b903424252af609a9ed\"},\"description\":\"Learn more about how to protect your organization today from recent .zip and .mov domains and how they are used for phishing attacks.\",\"breadcrumb\":{\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=14964#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/tsisupport.com\/tsistaging\/?p=14964\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=14964#primaryimage\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2023\/06\/google-zip.png\",\"contentUrl\":\"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2023\/06\/google-zip.png\",\"width\":1920,\"height\":960,\"caption\":\"google.zip\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/?p=14964#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/tsisupport.com\/tsistaging\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security Risk: .Mov and .Zip domains can lead to malware\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#website\",\"url\":\"https:\/\/tsisupport.com\/tsistaging\/\",\"name\":\"TSI Support\",\"description\":\"TSI - Technical Support International\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/tsisupport.com\/tsistaging\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/91ba4bc98e1a6b903424252af609a9ed\",\"name\":\"Chris Souza\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/d9e77a32df062fd4d46c61b29b00f1be?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/d9e77a32df062fd4d46c61b29b00f1be?s=96&d=mm&r=g\",\"caption\":\"Chris Souza\"},\"url\":\"https:\/\/tsisupport.com\/tsistaging\/?author=4\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Security Risk: .Mov and .Zip domains can lead to malware - TSI Support","description":"Learn more about how to protect your organization today from recent .zip and .mov domains and how they are used for phishing attacks.","robots":{"index":"noindex","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"og_locale":"en_US","og_type":"article","og_title":"Security Risk: .Mov and .Zip domains can lead to malware - TSI Support","og_description":"Learn more about how to protect your organization today from recent .zip and .mov domains and how they are used for phishing attacks.","og_url":"https:\/\/tsisupport.com\/tsistaging\/?p=14964","og_site_name":"TSI Support","article_published_time":"2023-06-28T05:21:11+00:00","article_modified_time":"2023-06-28T15:19:15+00:00","og_image":[{"width":1920,"height":960,"url":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2023\/06\/google-zip.png","type":"image\/png"}],"author":"Chris Souza","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Chris Souza","Est. reading time":"2 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=14964","url":"https:\/\/tsisupport.com\/tsistaging\/?p=14964","name":"Security Risk: .Mov and .Zip domains can lead to malware - TSI Support","isPartOf":{"@id":"https:\/\/tsisupport.com\/tsistaging\/#website"},"primaryImageOfPage":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=14964#primaryimage"},"image":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=14964#primaryimage"},"thumbnailUrl":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2023\/06\/google-zip.png","datePublished":"2023-06-28T05:21:11+00:00","dateModified":"2023-06-28T15:19:15+00:00","author":{"@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/91ba4bc98e1a6b903424252af609a9ed"},"description":"Learn more about how to protect your organization today from recent .zip and .mov domains and how they are used for phishing attacks.","breadcrumb":{"@id":"https:\/\/tsisupport.com\/tsistaging\/?p=14964#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/tsisupport.com\/tsistaging\/?p=14964"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=14964#primaryimage","url":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2023\/06\/google-zip.png","contentUrl":"https:\/\/tsisupport.com\/tsistaging\/wp-content\/uploads\/2023\/06\/google-zip.png","width":1920,"height":960,"caption":"google.zip"},{"@type":"BreadcrumbList","@id":"https:\/\/tsisupport.com\/tsistaging\/?p=14964#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/tsisupport.com\/tsistaging\/"},{"@type":"ListItem","position":2,"name":"Security Risk: .Mov and .Zip domains can lead to malware"}]},{"@type":"WebSite","@id":"https:\/\/tsisupport.com\/tsistaging\/#website","url":"https:\/\/tsisupport.com\/tsistaging\/","name":"TSI Support","description":"TSI - Technical Support International","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/tsisupport.com\/tsistaging\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/91ba4bc98e1a6b903424252af609a9ed","name":"Chris Souza","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/tsisupport.com\/tsistaging\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/d9e77a32df062fd4d46c61b29b00f1be?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/d9e77a32df062fd4d46c61b29b00f1be?s=96&d=mm&r=g","caption":"Chris Souza"},"url":"https:\/\/tsisupport.com\/tsistaging\/?author=4"}]}},"_links":{"self":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts\/14964"}],"collection":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=14964"}],"version-history":[{"count":1,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts\/14964\/revisions"}],"predecessor-version":[{"id":14965,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/posts\/14964\/revisions\/14965"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=\/wp\/v2\/media\/14961"}],"wp:attachment":[{"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=14964"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=14964"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/tsisupport.com\/tsistaging\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=14964"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}