It seems that every day, a new artificial intelligence (AI) capability emerges, posing exciting possibilities for technological advancements—but also great potential to equal or greater risks. Cybercriminals have taken notice of this rapid surge in popularity for AI technologies and are attempting to take advantage. As a result, many brands are frequently exposed to online risks that they’re not fully aware of or equipped to prevent, therefore, companies with gaps in protection will continue to face threats of fraud, phishing, and other types of brand infringement.
CSC’s 2023 Domain Security Report sheds light on this gap. We found that 43% of Forbes Global 2000 companies’ .AI domain extensions are owned by third parties, and 49% of the same companies’ .AI domains remain open and unregistered. Lack of direct ownership of these domains causes brands to be more vulnerable to third-party influence and heightens their risk of brand infringement and other cyberattacks. There’s also a 350% year-over-year increase in domain dispute cases involving .AI extensions in 2023 from companies who realized .AI domains using their brand were misappropriated by third parties.
With proper domain security in place, companies can effectively prevent attackers from taking advantage of exposed domains that may otherwise go unnoticed. But how does a company thoroughly protect their brand from fraud?
Maximizing tools in your domain security repertoire
Domain security is the protective shield from brand infringement that every organization needs but does not always prioritize. In fact, our latest 2023 Domain Security Report found that over 100 of the largest companies in the world don’t deploy any recommended domain security measures, leaving them with the highest risk of domain security threats, and in turn, risks of business disruption and reputation damage.
Our 2023 Domain Security Report further highlights that—despite rising phishing, online fraud, and counterfeit activity—many companies still overlook foundational domain security measures such as registry lock, domain-based message authentication, reporting, and conformance (DMARC), domain name system security extension (DNSSEC), and DNS redundancy. For example, only 23% of companies use registry lock. This creates a perfect shadow for cybercriminals to lurk in, allowing them to take advantage of trusted brands.
Also, our report found that 79% of the registered domains that resembled the Global 2000 Brands (homoglyphs) are owned by third parties. Of these fake domains owned by third parties other than the Global 2000 company, 40% have MX records configured that could be used in a future phishing attack. MX records allow emails to be sent that look like they come from the brand. Companies need to not only have defensive security measures in place, but they need to monitor the internet as it’s an exposed attack surface for bad actors.
Lastly, our report touched on subdomain hijacking threats. CSC analyzed over six million DNS records from our database and found that 21% of active DNS subdomain records don’t resolve, leaving companies vulnerable to subdomain hijacking. We did this investigation to understand the current state of company subdomain management and how this will impact their overall corporate security posture.
Evolving protection alongside technology
Domain security is a critical component to brand protection and something businesses cannot afford to overlook. As the world’s largest corporate domain name registrar, CSC works to protect and manage core and tactical domain names while also developing ongoing and proactive dynamic brand monitoring programs for threats outside the domain portfolio. This holistic approach is crucial for brands to gain visibility into all facets of their domain, including emerging areas as a result of advancements in technology. Ultimately, a security-minded domain registrar can help brands build the necessary protection against brand infringement and fraud.
Read the full 2023 Domain Security Report here.
