Google's New TLDs: A Boon for Hackers?

In May 2023, Google released two new top-level domains (TLDs): .zip and .mov. These TLDs are intended to be used for websites that offer file downloads, but security experts have warned that they could be used for phishing and other malicious purposes.

The .zip and .mov TLDs are similar to file extensions, which are used to identify the type of file that is being downloaded. For example, a file with the .zip extension is a compressed archive file, and a file with the .mov extension is a QuickTime video file.

Parts of a URL

Protocol

Knowing a few important parts of the URL will help you stay safe. First, the Protocol is where you will see https:// or http://. The HyperText Transfer Protocol (HTTP) requests the contents of the website and allows you to see it on your end. Make sure your connections use HTTPS — the S stands for secure. HTTPS encrypts your browser connection, making it more difficult for hackers to steal your data. HTTPS connections can be identified by the lock icon next to the URL.

Top-Level Domain (TLD)

When you type in a website address, the last part you enter is called the top-level domain. It’s the part after the dot. Like .com, .org and .net. There are even country-specific domains, like .uk and .au. In fact, there are over a thousand top-level domains currently in use.

Links and attachments in email The concern is that hackers could register websites with the .zip or .mov TLDs, and then create phishing emails or social media posts that appear to be offering legitimate file downloads. For example, an email might appear to be from a company like Adobe, and it might offer a link to download a new version of Adobe Reader. However, the link might actually lead to a malicious website that installs malware on the user's computer.

1. Always take time to investigate links and attachments in emails you receive. You can hover your mouse over the link and see where it is going to take you. If anything is suspicious, avoid that link!

2. Verify the sender. Look at who sent you the email and what domain they are sending from. This is a big giveaway to who really is the author of the email. If it looks off, it probably is!

3. Contact the sender directly in a different form or a new email. This way, if it is legitimate, you can verify it.

4. Let your IT or security team know immediately. If it’s a real email, they can let you know it’s safe. If it isn’t, you just helped save your organisation from a breach!

Use your bookmarks

Saving your most used websites to your bookmarks is both convenient and safe. When you use your saved bookmarks to head to a website, you ensure that you are actually going to a safe page and not stumbling onto a fake one.

For example: You receive an email that says you have been sent a shared file from a coworker using Google Drive or Sharepoint. There’s a link. But instead of clicking on the link in the email, you use the bookmarked link to where you store data and log in that way.

Hackers send links that look real. When you put your username and password into a realistic login page, they are able to collect your credentials. Using your bookmarked pages can help you avoid the trap!

We are dedicated to helping our clients develop strategies to protect their organisations data, people and future. Our services focus on guiding and assisting clients to achieve cyber security certifications through assessments, testing and training.

For more information click here to visit our home page.