[Krebs on Security] Why is .US Being Used to Phish So Many of Us?

Krebs on Security has posted a new item. Domain names ending in “.US” — the top-level domain for the United States — are among the most prevalent in phishing scams, new research shows. This is noteworthy because .US is overseen by the U.S. government, which is frequently the target of phishing domains ending in .US. Also, .US domains are only supposed to be available to U.S. citizens and to those who can demonstrate that they have a physical presence in the United States. Please use the link above to continue reading this posting. * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * A robust vendor management program isn’t just required by compliance frameworks like SOC 2 and ISO 27001. It’s also a critical part of a holistic trust management strategy. Implementing a vendor management program, however, has become more complex and challenging with the proliferation of SaaS tools and shadow IT. And many overstretched security teams are being asked to do more with less. This free guide from Vanta, the market-leading trust management platform, brings together perspectives from the frontlines of vendor security management. Get insights from security and compliance leaders on how to proactively manage third-party vendor risk while dealing with challenges like limited resources and repetitive manual processes. Download it here. * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * You received this e-mail because you asked to be notified when new updates are posted. Best regards, BrianKrebs P.S. You may manage your subscription here: