Namecheap hosted 25%+ of fake UK govt phishing sites last year – NCSC report

[Infrasonic]

https://www.theregister.com/2021/05/10/ ... ce_report/

Domains'n'hosting outfit Namecheap harboured more than a quarter of all known phishing sites that falsely posed as UK government web presences during 2020, according to the National Cyber Security Centre today.

This stat can be found in the centre's fourth annual Active Cyber Defence report, which boasts how much digital filth it cleansed from the internet. These included 700,000 scam sites stretching across 1.4 million URLs, or so the NCSC tells us.

Cont.

Seems their slowness in responding increased their attractiveness as a hosting target. Something to bear in mind with any cheap domain/web/email hosting packages - reputational damage to your domain/business through association with spammy/scammy hosts and their associated grey/blocklisted IP addresses.

[ReformedCharacter]

https://www.theregister.com/2021/05/10/ncsc_active_cyber_defence_report/

Domains'n'hosting outfit Namecheap harboured more than a quarter of all known phishing sites that falsely posed as UK government web presences during 2020, according to the National Cyber Security Centre today.

This stat can be found in the centre's fourth annual Active Cyber Defence report, which boasts how much digital filth it cleansed from the internet. These included 700,000 scam sites stretching across 1.4 million URLs, or so the NCSC tells us.

Cont.

Seems their slowness in responding increased their attractiveness as a hosting target. Something to bear in mind with any cheap domain/web/email hosting packages - reputational damage to your domain/business through association with spammy/scammy hosts and their associated grey/blocklisted IP addresses.

When my wife received a dodgy looking email about needing to pay a couple of quid for a Post Office delivery I checked the fake domain and it was indeed a Namecheap site, something like PostOfficeDeliveries.com.

RC

[Infrasonic]

Amazon, Microsoft (Azure) and Google all have hosting issues too, but they tend to shut down phishing sites within a matter of minutes or hours rather than days.
I did have a temporary block on Azure domains on my oldest primary Outlook.com account for a while - I was getting so many phishing emails from it (all going to the junk folder). Removed the block a few days ago, no issues currently.

Spam to that account (it's been involved several data breaches) seems to be very sporadic currently, at its peak it was fifty plus a day.
So it seems the big email players at least are getting better at filtering it out almost completely. I do bulk report all spam as phishing though, in the hope that the additional AI analysis will reduce the volume.

[supremetwo]

I reported a faker directly to another registrar and got this response:-

We are the registrar of the domain name, but not the registrant.
We neither control the concrete use of the domain name nor do we have access to any content hosted on this domain.

If a heavy fines regime existed, registrars would have to police domain content, but that policing would result in a huge increase in registration fees.

[Infrasonic]

I reported a faker directly to another registrar and got this response:-

We are the registrar of the domain name, but not the registrant.
We neither control the concrete use of the domain name nor do we have access to any content hosted on this domain.

If a heavy fines regime existed, registrars would have to police domain content, but that policing would result in a huge increase in registration fees.

The hosting company should be responsible for any malicious content. And any smart scammer is going to split their registrar/hosting, so the domain registrar, web hosting, email hosting etc. are all separate providers. If they're really smart they'll make sure the hosting providers don't even share the same parent company infrastructure (like IONOS who own several hosting 'brands').