Cybercriminals are increasingly targeting domains related to artificial intelligence (AI), putting global brands at risk, warns the 2023 Domain Security Report by CSC. The report reveals that 43% of Forbes Global 2000 companies’ .AI domain extensions are owned by third parties, while 49% of these domains remain unregistered. This lack of direct ownership leaves brands vulnerable to third-party influence and increases the risk of brand infringement and cyberattacks. The report also highlights a 350% year-over-year increase in domain dispute cases involving .AI extensions, indicating that companies are realizing their brand’s .AI domains have been misappropriated by others.
To effectively protect their brands from fraud, companies must prioritize domain security measures. However, the report reveals that many of the world’s largest companies do not deploy recommended security measures. Over 100 of these companies lack essential domain security measures, making them highly susceptible to domain security threats, business disruption, and reputation damage.
Despite the growing threats of phishing, online fraud, and counterfeiting, many companies overlook foundational domain security measures such as registry lock, domain-based message authentication, reporting, and conformance (DMARC), domain name system security extension (DNSSEC), and DNS redundancy. For instance, only 23% of companies use registry lock, creating an opportunity for cybercriminals to exploit trusted brands.
The report also highlights the risk of homoglyphs, fake domains resembling the Global 2000 Brands. Shockingly, 79% of these registered domains are owned by third parties, and 40% are configured with MX records that could be used in future phishing attacks. MX records enable the sending of emails that appear to come from reputable brands. To mitigate this risk, companies must not only implement defensive security measures but also actively monitor the internet for potential attacks.
Subdomain hijacking is another significant threat revealed in the report. CSC’s analysis of over six million DNS records found that 21% of active subdomains don’t resolve, leaving companies vulnerable to hijacking. This finding emphasizes the importance of proper subdomain management for maintaining corporate security posture.
Domain security plays a crucial role in brand protection and should not be overlooked by businesses. CSC, the world’s largest corporate domain name registrar, focuses on safeguarding and managing core and tactical domain names. Additionally, CSC develops proactive brand monitoring programs to detect threats beyond the domain portfolio. This comprehensive approach helps brands gain visibility into emerging areas influenced by technological advancements. A security-minded domain registrar like CSC can assist brands in building necessary protections against fraud and brand infringement.
Protecting brands from cyber threats is essential in an ever-evolving digital landscape. By prioritizing domain security measures and working with trusted domain registrars, companies can mitigate risks and safeguard their valuable assets.
