Infoblox is adding Lookalike Domain Monitoring to BloxOne Threat Defense. The new feature should help identify sites that impersonate well-known brands.
Such a feature can be useful in the fight against phishing and malware attacks. For example, cybercriminals impersonate well-known brands to be more successful in their attacks on partners and customers. According to a study on these lookalike domains presented at the RSA conference, the technique is still widely used and is even growing in sophistication.
“The use of lookalike domains by malicious actors continues to persist, the techniques have substantially advanced in 2022, targeting every sector, playing a key role in complex cyberattacks such as those used to bypass multi-factor authentication (MFA) measures,” Infoblox said.
Components Lookalike Domain Monitoring
In a pre-launch presentation, CEO Scott Harrell stated that Infoblox is the first DNS security vendor to offer customizable protection against the use of lookalike domains by malicious actors. To this end, Lookalike Domain Monitoring identifies sites that immitate MFA infrastructure and tools to provide protection against theft of the sought-after login credentials.
The feature will fall under BloxOne Threat Defense. This solution operates at the DNS level to detect threats that other security solutions do not see. This is to block attacks early.
With this, Infoblox focuses on SecOps and provides contextual network intelligence. Lookalike Domain Monitoring comes alongside “new emerging DNS threat intelligence feeds that provide indicators of malicious intent to stop attacks before they happen.”
Also read: Infoblox launches Network Identity Operating System (NIOS) 8.6.1