Since the beginning of cybercrime, businesses have been vulnerable to a gamut of email-based threats. Email is one of an organization’s weakest links, and cybercriminals have used it over and over as the portal for delivering malware and bots.
The option to reject or delete emails with attachments from unknown senders has always been part of Microsoft 365’s email service, but it isn’t enough in the present-day threat landscape. Experts recommend blocking the .zip and .mov top-level domains (TLDs) from the network for good measure.
Joey D’Antoni, IT veteran and Field Day delegate, walks readers through setting up this block in his blog post, “Blocking .zip and .mov Top Level Domains from Office 365 Email”. He writes:
Last week, Google announced that they were selling domain registrations for the .zip and .mov top-level domains (TLDs). Google registered these TLDs as part of ICANN’s generic top level domain program. Spammers and threat actors everywhere have rejoiced at this notion–.zip and .mov files are very common malware vectors. While there haven’t been any real-world observations of attacks, the SANS Institute is recommending proactively blocking these domains from your network, until we better understand their behavior.
To learn how these domains can be blocked, read his blog – “Blocking .zip and .mov Top Level Domains from Office 365 Email”.