CSC’s 2024 Domain Security Report analyzes the highest and lowest performing industries based on the adoption of key domain security features like registry lock, CAA records, DNS redundancy, type of registrar, DNSSEC, SPF, DKIM, and DMARC. The top five highest performing industries were Business Services and Supplies, IT Software and Services, Media, Retailing, Hotels, and Technology Hardware and Equipment. The lowest performing industries were Construction, Food and Drink and Tobacco, Food Markets, Materials, and Oil and Gas Operations.
“Many wide-scale cyber attacks like ransomware, phishing, and data breaches can originate at the domain level through fraudulently registered or exploited legitimate domains,” says Jim Stoltzfus, president of CSC’s Digital Brand Services. “The severe rise in malicious attacks against healthcare systems and other critical infrastructure this year is a clear indication for all industries to carefully monitor domain activity and registrations, and to pay much more attention to dormant domains, which may be maliciously registered but not put to use until a cyber attack is launched.”
Additional key insights from CSC’s research include:
- 80% of registered web domains that resemble a Global 2000 brand do not belong to that brand. Of the 80% of homoglyph (lookalike fake) domains owned by third parties other than the Global 2000 brand owners, CSC found that 42% have MX records (mail exchange records) compared with 40% in 2023. MX records can be used to send phishing emails or to intercept email.
- Use of registry lock has grown by 7 percentage points since 2020, but overall adoption is low at 24%. Registry locks enable end-to-end domain name transaction security to mitigate human error and third-party risk. They are a highly cost-effective means of protecting domain names against accidental or unauthorized modifications or deletions.
- 107 of the world’s largest public companies have a domain security score of zero. 5% of the Forbes Global 2000 companies do not deploy any of the recommended domain security measures and therefore have the highest level of risk. Based on CSC’s analysis of the adoption of key domain security measures, a security score of zero indicates no adoption of any measure, leaving those companies at the highest risk of domain security threats.
- Use of DMARC has grown by 82% since 2020. In 2023, the Anti-Phishing Working Group (APWG) reported a record of almost five million logged phishing attacks, making 2023 the worst year for phishing. This rise in attacks helped increase the adoption of DMARC—an email validation system designed to protect a company’s email domain from being used for spoofing and phishing scams.
CSC’s 2024 Domain Security Report further displays how lax domain security can impact brands and consumers by analyzing how cybercriminals exploited the global reach of the 2024 Paris Olympics. CSC observed a surge in fake Olympic and Paris-related domain name registrations coinciding with the start and end of the Games, which were used to promote counterfeit items, fake tickets, fraudulent streaming sites, and phishing attacks. The targeting of this year’s Olympics provides yet another example of how cybercriminals target trusted brands to launch malicious campaigns. This makes monitoring domain ecosystems globally—including lookalike, dropped, re-registered, or newly registered domain names—a priority in any corporate security posture and online brand strategy to mitigate digital threats.
To learn more about CSC’s proactive and defensive security approach to safeguard domains and brands around the world, download the full 2024 Domain Security Report.
About CSC
CSC is the trusted security and threat intelligence provider of choice for the Forbes Global 2000 and the 100 Best Global Brands (Interbrand®) in enterprise domain names, domain name system (DNS), digital certificate management, as well as digital brand and fraud protection. As global companies make significant investments in their security posture, CSC can help them understand known cybersecurity oversights that exist, and help them secure their online digital assets and brands. By leveraging CSC’s proprietary technology, companies can solidify their security posture to protect against cyber threat vectors targeting their online assets and brand reputation, helping them avoid devastating revenue loss, and significant financial penalties because of policies like the General Data Protection Regulation (GDPR). CSC also provides online brand protection—the combination of online brand monitoring and enforcement activities—taking a holistic approach to digital asset protection, along with fraud protection services to combat phishing. Headquartered in Wilmington, Delaware, USA, since 1899, CSC has offices throughout the United States, Canada, Europe, and the Asia-Pacific region. CSC is a global company capable of doing business wherever our clients are—and we accomplish that by employing experts in every business we serve. Visit cscdbs.com.