A business has reported that cyber criminals have been exploiting vulnerabilities in the digital infrastructure of trusted brands under the name SubdoMailing since at least September 2022. Approximately 8,000 legitimate internet domains and 13,000 subdomains belonging to reputable and trusted brands have been hijacked and are being weaponized to host fraudulent websites. Furthermore, they are being used to disseminate up to five million phishing emails per day containing malicious links or attachments. Such emails are designed to deceive recipients into engaging with the content, potentially leading to malware infections or falling victim to phishing attacks. The purpose of these are to generate revenue through both malvertising and scams. For UK businesses, this presents a critical risk to their online reputation and the security of their customers' data.
Actions for businesses
This security threat highlights the importance of businesses' regularly monitoring their digital assets, particularly subdomains. Failure to detect and address unauthorised access to these domains promptly can result in severe consequences, including financial losses and legal liabilities. UK businesses are urged to prioritise cyber security measures such as conducting routine security audits, implementing robust access controls, and employing intrusion detection systems to mitigate the risk of subdomain hijacking.
Significantly, as a result businesses should be aware of the potential they will be exposed to phishing emails. Comprehensive cyber security awareness training should be provided to employees with an added importance to recognise phishing scams. By recognising the signs of phishing attempts and exercising caution when interacting with email content, employees can play a crucial role in mitigating the risks associated with spam campaigns originating from hijacked subdomains.
To Sum Up
This incident underscores the importance of proactive cyber security measures, including regular monitoring of digital assets, robust access controls, email filtering, and employee training. By taking decisive action to address these vulnerabilities, businesses can safeguard their reputation, protect sensitive data, and mitigate the financial and legal risks associated with cyber threats. It is imperative for UK businesses to remain vigilant and proactive in the face of evolving cyber threats to ensure the resilience of their digital infrastructure.
