/plushcap/analysis/cloudflare/dont-trust-that-tweet-or-email

Don’t trust that tweet…or that email from "Bill Gates"

What's this blog post about?

Every day, hundreds of thousands of new domains are registered globally, making it easy for attackers to create fraudulent domains for use in phishing campaigns. According to ICANN, nearly 5.45% of newly registered domains per day are malicious (including phishing, botnets, and malware). On July 16th, 2020, an email from a domain strikingly similar to the legitimate Bill & Melinda Gates Foundation's domain was sent to numerous recipients, seeking donations in Bitcoin. The attacker used typosquatting when creating the domain name and set up an SPF record for reliable delivery of their attack. This phish was sent just a day after Bill Gates’ Twitter account was hacked and used to tweet a message nearly identical to this email.

Company
Cloudflare

Date published
July 20, 2020

Author(s)
Elaine Dzuba

Word count
554

Hacker News points
None found.

Language
English


By Matt Makai. 2021-2024.