Connect with us

Hi, what are you looking for?



DomainTools Service Eyes Potentially Dangerous Domains

Domain name and DNS-based cyber threat intelligence firm DomainTools has launched a new security solution for preventing phishing attacks by idenitfying potentially dangerous domain names.

Domain name and DNS-based cyber threat intelligence firm DomainTools has launched a new security solution for preventing phishing attacks by idenitfying potentially dangerous domain names.

Dubbed PhishEye, the new solution was designed to automate the process of identifying look-alike domains meant to spoof brand, product, or organization names. Powered by DomainTools’ domain name discovery and profiling systems, PhishEye should help security teams identify potential domain-based threats and proactively defend networks against future phishing attacks.

Phishing leverages deceptive domain names that have been created in such a way that the intended victims don’t immediately notice they are not legitimate. PhishEye was meant to help organizations easily fight malicious domains, a task usually performed by means of custom tools built by security teams themselves, DomainTools says.

PhishEye uses a typo and substring matching algorithm that is compounded with DomainTools’ proprietary Domain Reputation Engine for the automation of discovery of potentially malicious domains. The solution attempts to find and alert on these domains soon after they are registered.

The discovered domains, DomainTools says, can be entered into spam filters, firewalls, and other security systems meant to deliver protection against phishing attacks. They can also be sent to DomainTools Iris for additional investigation and attribution, the company explains.

The new anti-phishing solution should fuel proactive protection by identifying nefarious domains before they cause harm, and is also expected to disrupt spear-phishing and business email compromise attacks. Additionally, it should help companies mitigate or prevent brand damage caused by illegitimate domains and identify registrants of spoofing domains to monitor or initiate legal action against them.

Because cybercriminals can spoof email addresses and can create deceptive links for the victim to click on, they incur average losses of millions of dollars per year for the average-sized organization. What’s more, the Anti-Phishing Working Group (APWG) reports that the number of unique phishing sites in the second quarter of 2016 went up 61% on quarter and was three times higher compared to the fourth quarter of 2015.

“Phishing campaigns are fundamentally trying to trick your employees or customers, and the ‘trick’ often involves a look-alike domain and website. To build an effective phishing prevention product it helps to have a very thorough mapping of domains in DNS today as well as highly effective and timely domain discovery systems, two things DomainTools is exceedingly good at. We created PhishEye for enterprises looking for a simple and effective way to automate the process of discovering phishing threats lurking on the internet well before they are activated,” Tim Chen, CEO, DomainTools, says.

Advertisement. Scroll to continue reading.

Related: Phishing Attacks Hit the C-Suite With High Value Scams

Related: Losses From Business Email Compromise Scams Top $3.1 Billion: FBI

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join us as we delve into the transformative potential of AI, predictive ChatGPT-like tools and automation to detect and defend against cyberattacks.


As cybersecurity breaches and incidents escalate, the cyber insurance ecosystem is undergoing rapid and transformational change.


Expert Insights

Related Content


The easiest way for a cyber-attacker to gain access to sensitive data is by compromising an end user’s identity and credentials. Things get even...

Application Security

Fortinet on Monday issued an emergency patch to cover a severe vulnerability in its FortiOS SSL-VPN product, warning that hackers have already exploited the...

Fraud & Identity Theft

Famed hacker Kevin Mitnick has died after a battle with pancreatic cancer.  At the time of his death, he was Chief Hacking Officer at...


Enterprise users have been warned that cybercriminals may be trying to phish their credentials by luring them with fake emails that appear to be...


The Single Most Important Part of Dealing with a Phishing Attack is Preparing for the Attack Before it Actually Happens.

Application Security

Microsoft on Tuesday pushed a major Windows update to address a security feature bypass already exploited in global ransomware attacks.The operating system update, released...


The North Korean APT tracked as TA444 is either moonlighting from its previous primary purpose, expanding its attack repertoire, or is being impersonated by...

Application Security

Password management firm LastPass says the hackers behind an August data breach stole a massive stash of customer data, including password vault data that...