The new zip and mov web domains will be actively used by hackers and cyber crooks to deceive Internet users because of their similarity to file types with the same name. It has been reported BleepingComputer with reference to cybersecurity researchers and IT administrators.
It is noted that the new domain names are introduced by Google. Zip and mov is one of eight new domains that can be purchased to host websites or email addresses. While zip and mov have been available to companies since 2014, they went public just this month.
“This allowed anyone to buy space for a website, and social networks and instant messengers will now convert .zip and .mov filenames into URLs,” the experts said.
As a result, a person may accidentally visit a site and fall victim to phishing or download malware, thinking that the URL is safe because it comes from a trusted source such as a social network or messenger.
“Attackers are unlikely to register thousands of domains to take over a few victims, it’s just enough for a company employee to accidentally install malware and the entire network will be affected,” the experts said.
At the same time, cybersecurity firm Silent Push Labs discovered a microsoft-office phishing page with a zip domain attempting to steal Microsoft account credentials from users.
Previously, Kaspersky Lab experts to create A set of apps infected with the Fleckpe Trojan on the Google Play digital store.