7 Feb
2023
7 Feb
'23
2:39 p.m.
On 2/7/23 11:33 AM, Jay Hennigan wrote:
On 2/7/23 11:18, Michael Thomas wrote:
FWIW, lookalike domains can and do happen with http too. Nothing unique about that to email.
Then the bad guys throw in the occasional Cyrillic, etc. character that looks like a Roman one and things get even more fun.
At least with spear-phishing attacks you can bound the problem detection investigation since you know what your own domain's legit names are. Beyond that, I have no idea if any of the mailbox providers are doing anything about lookalike attacks. Email at least has the advantage that it is in hands of a user's provider who could care. CA's I'm sure couldn't care less. Mike