Phishing domains tanked after Meta sued Freenom

Phishing domains tanked after Meta sued Freenom

KREBSONSECURITY.COM
173
63
todsacerdoti
4d

Comments

@talhah 4d
While freenom did genuinely have issues with spam and the like.

I must say it played a pivotal role in my life, it allowed me to do my passion and have a domain name in my early teens when I couldn't pay for anything. Being able to toy with a domain name led me down many rabbit holes and led to me trying out self-hosting and system administration.

Sad we can't have free things.

@nubinetwork 4d
I wish they would do .cc next. I see a lot of spam from them on my personal mailboxes. Followed by all those google gtlds.
@IMSAI8080 4d
Any phishing domain in my spam folder is NameCheap 9 times out of 10.
@obituary_latte 4d
Now I just wish Google would get googleusercontent.com and googleapis.com under control...
@paulpauper 4d
It's funny how meta actually takes spam somewhat seriously, unlike google.
@throwawayadvsec 3d
Note: they "stopped phishing" by basically forbidding almost anyone from registering a domain, I've been trying to get a new domain there for months without success
@thayne 3d
The title is a little deceptive. From near the end:

> Unfortunately, the lawsuits have had little effect on the overall number of phishing attacks and phishing-related domains, which have steadily increased in volume over the years.

> Piscitello said despite the steep drop in phishing domains coming out of Freenom, the alternatives available to phishers are many.

@Nextgrid 3d
Facebook is playing double-standards here.

They are knowingly allowing card fraud and other cybercrime groups to operate openly on there. We’re not talking about criminals that use the platform while trying to appear sneaky and flying under the radar - we’re talking about groups outright advertising their wares in the group name: https://krebsonsecurity.com/2018/04/deleted-facebook-cybercr...

> Some had existed on Facebook for up to nine years; approximately ten percent of them had plied their trade on the social network for more than four years.

> KrebsOnSecurity’s research was far from exhaustive: For the most part, I only looked at groups that promoted fraudulent activities in the English language. Also, I ignored groups that had fewer than 25 members. As such, there may well be hundreds or thousands of other groups who openly promote fraud as their purpose of membership but which achieve greater stealth by masking their intent with variations on or mispellings of different cyber fraud slang terms.

I have my own personal experience with this. I came across a page promoting Snapchat (and maybe other services) hacking services that in exchange for a fee claimed it would email you the credentials of the target account, with plenty of obviously compromised accounts posting comments claiming it works. Obviously very illegal in the vast majority of jurisdictions, but the double whammy there is that the service was itself a scam.

Reporting the aforementioned group and a few of the fake comments yielded that none of this activity goes against their community standards.