Security Magazine logo
  • Sign In
  • Create Account
  • Sign Out
  • My Account
  • NEWS
  • MANAGEMENT
  • PHYSICAL
  • CYBER
  • BLOG
  • COLUMNS
  • EXCLUSIVES
  • SECTORS
  • EVENTS
  • MEDIA
  • MORE
  • EMAG
  • SIGN UP!
cart
facebook twitter linkedin youtube
  • NEWS
  • Security Newswire
  • Technologies & Solutions
  • MANAGEMENT
  • Leadership Management
  • Enterprise Services
  • Security Education & Training
  • Logical Security
  • Security & Business Resilience
  • Profiles in Excellence
  • PHYSICAL
  • Access Management
  • Fire & Life Safety
  • Identity Management
  • Physical Security
  • Video Surveillance
  • Case Studies (Physical)
  • CYBER
  • Cybersecurity News
  • More
  • COLUMNS
  • Cyber Tactics
  • Leadership & Management
  • Security Talk
  • Career Intelligence
  • Leader to Leader
  • Cybersecurity Education & Training
  • EXCLUSIVES
  • Annual Guarding Report
  • Most Influential People in Security
  • The Security Benchmark Report
  • Top Guard and Security Officer Companies
  • Top Cybersecurity Leaders
  • Women in Security
  • SECTORS
  • Arenas / Stadiums / Leagues / Entertainment
  • Banking/Finance/Insurance
  • Construction, Real Estate, Property Management
  • Education: K-12
  • Education: University
  • Government: Federal, State and Local
  • Hospitality & Casinos
  • Hospitals & Medical Centers
  • Infrastructure:Electric,Gas & Water
  • Ports: Sea, Land, & Air
  • Retail/Restaurants/Convenience
  • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
  • Industry Events
  • Webinars
  • Solutions by Sector
  • Security 500 Conference
  • MEDIA
  • Videos
  • Podcasts
  • Polls
  • Photo Galleries
  • Videos
  • Cybersecurity & Geopolitical Discussion
  • Ask Me Anything (AMA) Series
  • MORE
  • Call for Entries
  • Classifieds & Job Listings
  • Continuing Education
  • Newsletter
  • Sponsor Insights
  • Store
  • White Papers
  • EMAG
  • eMagazine
  • This Month's Content
  • Advertise
Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!
CybersecurityManagementSecurity Enterprise ServicesSecurity Leadership and ManagementLogical SecuritySecurity & Business ResilienceSecurity Education & TrainingCybersecurity News

4 emerging threats in the domain name landscape

By Elliott Champion
domain-name-freepik1170x658v.jpg
May 31, 2022


Since the pandemic, businesses have changed their focus, looking to a fully digitized business model. As such, the last two years have transformed nearly every business into a form of digital entity, with digital assets becoming foundational elements of business operations and deemed as important as physical assets.


The pivot towards having some or nearly all operations online has been amplified by the emergence of cryptocurrency, online communications, and other online platforms. Organizations use these to engage with customers and disseminate information between the brands and their audiences. Unfortunately, despite web domains being the foundation of this new digital emergence, they’re often overlooked — which exposes businesses to cyber risks, as domains are a prime starting point for cyberattacks as well as brand-based fraud.


There are two common risks when domains are left unprotected. The first is related to domain name governance and domain hijacking, which brands are particularly susceptible to if they are registered with a consumer-grade registrar. These registrars often don’t implement registry lock and other advanced domain security measures, leaving the domain at risk. The second is fraudulent, brand-specific domain registrations, usually due to the absence of robust monitoring and enforcement service, making the brand appear an easy target to bad actors.


The registration and exploitation of fake branded domains to commit fraud and launch cyberattacks have exploded. Often, the intent of malicious domain registrations is to leverage the trust consumers have for the target organization and launch phishing attacks. Such digital brand abuse leads to revenue loss, traffic diversion, and a diminished brand reputation for the organization in question. Phishing and brand abuse takedowns, in general, have a median takedown time of six hours in the U.S., and 12 hours outside of the U.S., resulting in lost revenue and web traffic. Brand abuse takedowns can take longer as the issues are not often as straightforward and require further investigation and supporting documentation.


As third-party threats to domains continue to emerge, compromising organizations and their brands, I have noted four notable emerging threats in the domain name space to be aware of.


1. Ease of third-party registrations

Commonly unknown, anyone can register an available domain name at any time and at low cost. It’s an open playing field for creating threat vectors. If the domain name is available, all that’s needed is a credit card, and in 10 minutes, a bad actor can have a newly registered domain name — it’s that easy. A tactic commonly used by bad actors is to register a web domain months in advance and seemingly leave it dormant, only for it to resurface suddenly with the initiation of an attack — i.e., an email requesting sensitive information sent to the brand’s employees or customers — and see who bites.

 

2. A change in how organizations value their domain names

Organizations are suddenly realizing their domain names are their most critical brand-related digital assets, especially with COVID-19 accelerating the shifts in the digital landscape. Executives now see domain names as a vital piece of their digital strategy in creating a trusted brand. If these digital assets, which are driving interactions with customers, are not secure, organizations open themselves to huge cyber threats that could bring down operations, cause data breaches, and ultimately diminish customer trust in the brand. This highlights the importance of using a security-conscious registrar to safeguard the domains that your customers trust. And therefore, monitoring for spoofed domains must also be part of your digital governance strategy. 

 

3. The explosion of QR code use creates more routes to hijack

QR codes are images that can be scanned with a cell phone camera and translated to a URL that directs traffic to a specified domain name. QR code use lengthens the lifespan of a domain name, adding increased traffic to an organization’s website. But it also allows bad actors to redirect traffic for fraudulent purposes. For example, it was well-publicized that many 2022 Super Bowl commercials featured QR code images on the screen. These are becoming ubiquitous in our day-to-day lives and therefore present an opportunity to be hijacked, taking unsuspecting consumers, not to the genuine site, but instead pointing to a phishing site where personal data or financial information could be harvested.


4. The rise of Blockchain domains

Blockchain domain names are becoming more popular. A traditional domain name represents a particular IP address for a website accessible via the internet. Entering a domain into a URL field, the browser queries a DNS server, which then links the domain name to the IP address and displays the website associated with that domain name. By contrast, a blockchain domain runs on an alternative DNS, linking to an address on a blockchain provided by a blockchain domain name service. The issues with Blockchain domains are that they are not controlled by a regulator (e.g., ICANN), they are decentralized, meaning traditional enforcement processes don’t apply, and determining who owns or manages them is often more difficult. As with QR codes, Blockchain domains open new routes for bad actors to launch cyberattacks, but this time in an environment where enforcement action doesn’t necessarily result in the suspension or deactivation of the domain name.


Final thoughts

We’re now living in a digital economy, and we must pay close attention to these emerging digital threats in the domain name space. Many are still not aware of how easy these attacks can be deployed. Companies must establish a multistakeholder digital governance team and align strategies. Bad actors are early adopters of these attack vectors. Watch this space.  

KEYWORDS: blockchain cyber security domain name systems (DNS) attacks QR codes risk management third-party security

Share This Story

Looking for a reprint of this article?
From high-res PDFs to custom plaques, order your copy today!

Elliott headshot jpeg

Elliott Champion is the Global Product Director for Brand Protection at CSC in the DBS headquarters where he is responsible for proprietary technology and product strategy. He is also involved in building client-specific strategies, including optimizing a brand’s online presence, and protecting and evolving CSC Brand Protection services. Prior to his current role, Elliott advised European customers, building brand strategies, and worked as an enforcement analyst from his hometown of Cambridge in the U.K.

Recommended Content

JOIN TODAY
To unlock your recommendations.

Already have an account? Sign In

  • Security's Top Cybersecurity Leaders 2024

    Security's Top Cybersecurity Leaders 2024

    Security magazine's Top Cybersecurity Leaders 2024 award...
    Top Cybersecurity Leaders
    By: Security Staff
  • cyber brain

    The intersection of cybersecurity and artificial intelligence

    Artificial intelligence (AI) is a valuable cybersecurity...
    Cybersecurity
    By: Pam Nigro
  • artificial intelligence AI graphic

    Assessing the pros and cons of AI for cybersecurity

    Artificial intelligence (AI) has significant implications...
    Cybersecurity Education & Training
    By: Charles Denyer
Manage My Account
  • Security eNewsletter & Other eNews Alerts
  • eMagazine Subscriptions
  • Manage My Preferences
  • Online Registration
  • Mobile App
  • Subscription Customer Service

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

Middle East Escalation, Humanitarian Law and Disinformation – Episode 25

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

The Money Laundering Machine: Inside the global crime epidemic - Episode 24

Security’s Top 5 – 2024 Year in Review

Security’s Top 5 – 2024 Year in Review

More Videos

Sponsored Content

Sponsored Content is a special paid section where industry companies provide high quality, objective, non-commercial content around topics of interest to the Security audience. All Sponsored Content is supplied by the advertising company and any opinions expressed in this article are those of the author and not necessarily reflect the views of Security or its parent company, BNP Media. Interested in participating in our Sponsored Content section? Contact your local rep!

close
  • Sureview screen
    Sponsored bySureView Systems

    The Evolution of Automation in the Command Center

  • Crisis Response Team
    Sponsored byEverbridge

    Automate or Fall Behind – Crisis Response at the Speed of Risk

  • Perimeter security
    Sponsored byAMAROK

    Why Property Security is the New Competitive Advantage

Popular Stories

Rendered computer with keyboard

16B Login Credentials Exposed in World’s Largest Data Breach

Verizon on phone screen

61M Records Listed for Sale Online, Allegedly Belong to Verizon

Security camera

40,000 IoT Security Cameras Are Exposed Online

Security’s 2025 Women in Security

Security’s 2025 Women in Security

Fountain pen

Trump Administration Executive Order Changes Cybersecurity Policy

2025 Security Benchmark banner

Events

July 17, 2025

Tech in the Jungle: Leveraging Surveillance, Access Control, and Technology in Unique Environments

What do zebras, school groups and high-tech surveillance have in common? They're all part of a day’s work for the security team at the Toledo Zoo.

August 7, 2025

Threats to the Energy Sector: Implications for Corporate and National Security

The energy sector has found itself in the crosshairs of virtually every bad actor on the global stage.

View All Submit An Event

Products

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

Security Culture: A How-to Guide for Improving Security Culture and Dealing with People Risk in Your Organisation

See More Products

Related Articles

  • Digital dollar concepts

    Emerging Cyber Threats in a Rapidly Evolving Landscape

    See More
  • White House

    Government Sector the Most Popular Target for Domain Name Systems Attacks

    See More
  • NSA CCC PDNS

    NSA Cybersecurity Collaboration Center releases first speaker series video on Protective Domain Name System (PDNS)

    See More
×

Sign-up to receive top management & result-driven techniques in the industry.

Join over 20,000+ industry leaders who receive our premium content.

SIGN UP TODAY!
  • RESOURCES
    • Advertise
    • Contact Us
    • Store
    • Want More
  • SIGN UP TODAY
    • Create Account
    • eMagazine
    • eNewsletter
    • Customer Service
    • Manage Preferences
  • SERVICES
    • Marketing Services
    • Reprints
    • Market Research
    • List Rental
    • Survey/Respondent Access
  • STAY CONNECTED
    • LinkedIn
    • Facebook
    • YouTube
    • X (Twitter)
  • PRIVACY
    • PRIVACY POLICY
    • TERMS & CONDITIONS
    • DO NOT SELL MY PERSONAL INFORMATION
    • PRIVACY REQUEST
    • ACCESSIBILITY

Copyright ©2025. All Rights Reserved BNP Media.

Design, CMS, Hosting & Web Development :: ePublishing

Security Magazine logo
search
cart
facebook twitter linkedin youtube
  • Sign In
  • Create Account
  • Sign Out
  • My Account
Security Magazine logo
  • NEWS
    • Security Newswire
    • Technologies & Solutions
  • MANAGEMENT
    • Leadership Management
    • Enterprise Services
    • Security Education & Training
    • Logical Security
    • Security & Business Resilience
    • Profiles in Excellence
  • PHYSICAL
    • Access Management
    • Fire & Life Safety
    • Identity Management
    • Physical Security
    • Video Surveillance
    • Case Studies (Physical)
  • CYBER
    • Cybersecurity News
    • More
  • BLOG
  • COLUMNS
    • Cyber Tactics
    • Leadership & Management
    • Security Talk
    • Career Intelligence
    • Leader to Leader
    • Cybersecurity Education & Training
  • EXCLUSIVES
    • Annual Guarding Report
    • Most Influential People in Security
    • The Security Benchmark Report
    • Top Guard and Security Officer Companies
    • Top Cybersecurity Leaders
    • Women in Security
  • SECTORS
    • Arenas / Stadiums / Leagues / Entertainment
    • Banking/Finance/Insurance
    • Construction, Real Estate, Property Management
    • Education: K-12
    • Education: University
    • Government: Federal, State and Local
    • Hospitality & Casinos
    • Hospitals & Medical Centers
    • Infrastructure:Electric,Gas & Water
    • Ports: Sea, Land, & Air
    • Retail/Restaurants/Convenience
    • Transportation/Logistics/Supply Chain/Distribution/ Warehousing
  • EVENTS
    • Industry Events
    • Webinars
    • Solutions by Sector
    • Security 500 Conference
  • MEDIA
    • Videos
      • Cybersecurity & Geopolitical Discussion
      • Ask Me Anything (AMA) Series
    • Podcasts
    • Polls
    • Photo Galleries
  • MORE
    • Call for Entries
    • Classifieds & Job Listings
    • Continuing Education
    • Newsletter
    • Sponsor Insights
    • Store
    • White Papers
  • EMAG
    • eMagazine
    • This Month's Content
    • Advertise
  • SIGN UP!