Tag Archives: domain names

X.com Automatically Changing Link Text but Not URLs

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2024/04/x-com-automatically-changing-link-names-but-not-links.html

Brian Krebs reported that X (formerly known as Twitter) started automatically changing twitter.com links to x.com links. The problem is: (1) it changed any domain name that ended with “twitter.com,” and (2) it only changed the link’s appearance (anchortext), not the underlying URL. So if you were a clever phisher and registered fedetwitter.com, people would see the link as fedex.com, but it would send people to fedetwitter.com.

Thankfully, the problem has been fixed.

How .tk Became a TLD for Scammers

Post Syndicated from Bruce Schneier original https://www.schneier.com/blog/archives/2023/11/how-tk-became-a-tld-for-scammers.html

Sad story of Tokelau, and how its top-level domain “became the unwitting host to the dark underworld by providing a never-ending supply of domain names that could be weaponized against internet users. Scammers began using .tk websites to do everything from harvesting passwords and payment information to displaying pop-up ads or delivering malware.”