Nameshield Blog

Nameshield’s DNS Premium labelled France Cybersecurity

The digital transformation of companies creates an increasing dependence on networks.

Websites, emails, VPN, applications… these company key services must remain accessible. An interruption would be dramatic.

DNS is the access point to all these services. It translates domain names into IP addresses and routes traffic to these services. It is increasingly exposed to attacks, yet remains poorly secured due to a lack of knowledge. With the increase in threats, maintaining its DNS infrastructure is becoming more and more complex.

Securing strategic domain names by hosting them on highly secure DNS offering permanent availability, to avoid any interruption to company key services, has become a necessity.

Nameshield, certified ISO 27001 on all its registrar activities, protects companies’ critical digital services against cyber threats, and proposes a DNS Premium solution that ensures high availability of online services.

Nameshield’s DNS Premium has been labelled France Cybersecurity since 2018. This label is a guarantee for users that Nameshield’s products and services present a level of quality in cybersecurity verified by an independent jury.

“Cybersecurity is at the heart of Nameshield’s DNA, through its CERT and ISO 27001 certification. In a sector dominated by American players, this label is the perfect way to highlight our sovereign solutions such as DNS Premium“, Christophe Gérard, Nameshield’s Products Director.

Find out more about our DNS Premium solution

Phishing, slamming and other fraudulent e-mails: stay alert during the summer holidays!

Every year, the summer holidays announce the upsurge of fraudulent e-mails mass campaigns. Indeed, cybercriminals try to profit from these periods when the vigilance is sometimes lowering, to launch phishing e-mails.

What are phishing and slamming?

Phishing is used by cybercriminals to obtain personal information in order to commit an identity theft.

In the world of phishing, slamming is a well-known variant that consists in encouraging domain names owners to renew their annuity with another registrar, by arguing the emergency and criticality of the concerned name’s loss. Concretely, this is an e-mail pushing its recipient to contract an unsolicited service and to proceed to the payment of this latter without delay.

Thus, the slamming can take the form of a fraudulent renewal bill, generally associated with intimidating terms like “Expiration notice”. Under the pressure of such e-mail, in general well built, it happens that the recipient then proceeds to the payment and is debited of an important amount for the so-called renewal.

In the same way, the slamming e-mail indicates that a “customer” of the sender posing as a fake registrar, wants to register domain names identical or similar to your brand. Then the fraudster proposes to register them for you in order to protect you from these troublesome registrations, of course, in exchange for an urgent payment.

Another kind of attack, the suspicious e-mail attachment!

Be careful of fraudulent e-mails with infectious attachments: a single entry point is enough to destroy a network!

The aim of a trap and thus malicious attachment is to pose as a legitimate file (PDF, Word document, JPG image…), while hosting and hiding a malicious code: this is what we generally call Trojans.

Some simple rules to protect against them

Always stay alert when someone asks you your personal data;
Do not ever open an attachment from an unknown sender, or from one who is not entirely trustworthy;
Check the links by hovering the cursor over them (without clicking) to ensure that they link to trustworthy websites;
Never reply under the pressure of this kind of solicitation and of course do not proceed to any payment;
If there is any doubt, do not reply to the e-mail and contact the sender through another method who will confirm whether it really is a fraud attempt or not.

Find on the Nameshield’s website a wallpaper to download to help you think about it more often.

Download the wallpaper

.MY : Relaxation of registration rules for .MY domain names

Due to the strict allocation criteria, connecting a .MY domain name for a company not located in Malaysia was difficult.

MYNIC, the Malaysian registry, wanted to make significant changes for 2023 in order to globalize its .MY domain names.

The registry has therefore decided to remove local presence restrictions on .MY.

This change means that anyone can register a .MY domain name on a “first-come, first-served” basis.

It means that it’s now possible to register a .MY domain name in the name of a European company and no priority phase has been planned.

Please note that it does not apply to the .COM.MY extension, which stays limited to Malaysian entities.

Do not hesitate to contact our teams to secure your .MY domain.

Image source : Pexels via Pixabay

ChatGPT, can you write a phishing email?

Image source : Unsplash

The simple question posed by the mathematician Alan Turing in 1950, “Can machines think?” sparked off a long period of research and experimentation into artificial intelligence. Today, the numerous research and technological advances have borne fruit and many inventions using artificial intelligence have seen the light of day. So it was 72 years later, on 30 November 2022, that chatGPT was launched. Developed by OpenAI, an artificial intelligence research company, chatGPT quickly became a well-recognised term. Today, there are 186 million accounts and 1.6 billion visits in March 2023 alone.

**What is chatGPT and how does it work**?

ChatGPT is an artificial intelligence chatbot with a self-generating system. This means that the machine “interacts in a conversational manner” using natural language (known as NLP or Natural Language Processing). The artificial intelligence uses deep learning algorithms to analyse users’ questions and generate appropriate responses. Over time, chatGPT learns from its users’ questions and answers. This enables it to answer a very wide range of questions, such as writing cover letters, essays or even lines of code. And if the answer is incorrect, all you have to do is chat with it and a more convincing answer will be proposed. That is why this invention has so quickly caught on with so many people.

But chatGPT also has its drawbacks, particularly in terms of cybersecurity and, more specifically, phishing.

With great power comes great responsibility: managing the cyber risks associated with the creation of chatGPT is becoming a difficult task. Typically, cybercriminals don’t pull any punches. In recent years, global crime and cyberattacks have risen sharply, notably by 38% in 2022.
One of the most worrying aspect of chatGPT are phishing attacks. Indeed, chatGPT has become a goldmine for hackers. Its ability to write texts of all types, without error, while generating human-like responses, is a major asset for cybercriminals. This accentuates an already present and widespread threat. The FBI’s IC3 report for 2022 shows that phishing is the crime with the highest number of complaints. In 2022, with 300,497 complaints in the USA alone, phishing is becoming the most widespread type of cyberattack, not only in the USA but worldwide. As well as being a widespread problem, it affects all sectors, so it is essential to be informed and prepared.

Phishing is used by cybercriminals to obtain personal and sensitive information about their victims. To do this, criminals pretend to be reputable organizations by sending messages via text message, phone call or email. With these messages they invite their victims to click on a link to enter their personal details.

OpenAI formally prohibits any malicious use of chatGPT. When asked directly to write malicious code or phishing emails, it refuses to do so. However, with sustained insistence and a clever turn of phrase, artificial intelligence can provide enough information to simplify a cybercriminal’s task. This manipulation can be carried out using the standard version of chatGPT, without the need for “JailBreaking“. This is a cause for concern, as chatGPT has already been used to create phishing e-mails and fraudulent web pages.

Interview with chatGPT

What does the main player think? To find out for sure, we asked chatGPT a few questions to get its “opinion” on the situation, but also to test the creation of fraudulent e-mails.

Firstly, from a legal point of view, does chatGPT follow a code of conduct and are there any regulations governing artificial intelligence?

For the moment, in Europe, there is no real law in place to regulate the use of artificial intelligences such as chatGPT. However, the European Commission has already launched a project aimed at providing a regulatory framework, and policy proposals have already been drawn up. As a result, there are as yet no official rules or bans in force in Europe. However, this is expected to change in the coming months or years.

ChatGPT is therefore not subject to a legal code of conduct, although the tool does appear to follow a moral code of conduct.

According to chatGPT, these are the things it is not allowed to do: engage in illegal activities, infringe intellectual property rights, provide personal or confidential information and, lastly, impersonate a person or organization.

We also asked its opinion on its ability to help someone launch a phishing attack. ChatGPT confirms that it has no moral right to do so.

Finally, we also asked it if it was possible to freely obtain information on the presence of a DMARC entry in Nike’s zone file. Domain-Based Message Authentication Reporting and Conformance (DMARC) is an e-mail authentication method that allows the domain holder to define instructions for handling messages on its e-mail system. It is an effective tool against phishing. For cybercriminals, being informed of the presence of a DMARC within a company makes it easier to choose which companies to target: those that have not deployed a DMARC policy. ChatGPT was unable to provide information directly about the company’s DMARC record, but it did explain how to obtain it using the Windows command line.

We also tried to test chatGPT to obtain a phishing e-mail. After a few questions, we were soon able to ask him the right questions. Finally, he was able to write us a convincing e-mail, posing as a bank.

It then provides us with this message, a perfect phishing trap, because it contains all the codes of a classic e-mail from a bank asking the recipient to provide their personal details. The message is written in proper English, with no spelling mistakes; it invites the recipient to act quickly, in a panic and without thinking. After obtaining this information, if the cybercriminal is not happy with any of the details, he can ask chatGPT to change them.

What can we expect from the future?

Will it be possible to block or slow down the development of AI? Following the release of chatGPT, a number of influential figures in the field of technology, such as Elon Musk and Apple co-founder Steve Wozniak, expressed their concerns by signing petitions and participating in open letters aimed at suspending the research and release of an AI more advanced than chatGPT. This reflects the concern of the European Commission and citizens about technological advances.

However, it is hard to imagine that artificial intelligences such as chatGPT will be banned altogether in the future. This is despite the risks they pose in terms of cyber security, for example. As proposed by the European Commission, the use of artificial intelligences such as chatGPT will be regulated. However, this is unlikely to be enough to stop cybercriminals wanting to use chatGPT as a phishing tool.

So it is best to prepare and protect yourself against the risks posed by artificial intelligence, which will become increasingly effective over time.

Protecting yourself with Nameshield’s DMARC policy

Who does not fear a phishing attack? That is why it is vital to check the email protection you have in place. This is often the route taken by cybercriminals trying to phish your information and that of your company.

An effective way to counter-attack is to deploy a DMARC policy.

Implementing a DMARC policy within your company has a number of advantages. It will enable you to block spoofing attempts and fraudulent e-mails. What’s more, this policy will strengthen the authentication of your traffic and help improve the deliverability of your emails.

Nameshield supports you in the deployment of a DMARC policy. Thanks to our expertise, we will be able to take care of its correct implementation, in the best possible conditions.
Do not hesitate to contact your Nameshield consultant and keep up to date with technological advances such as chatGPT and its link to phishing and other cybercrimes.

The Centenary of the 24 Hours of Le Mans

The weekend of June 10 and 11 marked the Centenary of the 24 Hours of Le Mans, the world’s biggest race in endurance car racing. During the entire week, it was possible to attend the practice sessions and numerous events organized in parallel.

The long-awaited Centenary edition lived up to all its promises. Battles in all categories, tension right through to Sunday, and 24 hours later, it was Ferrari who came out on top and won the 24 Hours of Le Mans Race 2023, a victory 58 years after the brand’s last success.

Followed by millions of people, this international event was able to rely on Nameshield’s highly secure DNS infrastructure, offering permanent high availability, for its https://www.24h-lemans.com/ website. Traffic peaked throughout the event, and a record number of tickets sold ensured the success of the 24 Hours of Le Mans Centenary race!

Image source : www.24h-lemans.com

.GA: ANINF takes over the management of Gabon’s national extension

On May 30, 2023, ANINF (the National Agency for Digital Infrastructure and Frequencies of the Gabonese Republic) announced that it would be taking over the full management of Gabon’s national extension .GA as of June 3, 2023.

In a country in rapid expansion, this change in governance, decided by the Gabonese authorities, has been in the making for some time, in order to better support .GA domain names holders.

ANINF estimates that there are currently more than 7 million .GA domain names, several million of which are abusively registered. During a technical migration scheduled for June 7, a number of .GA domain names will be deleted for which the previous operator has provided no data. ANINF has chosen to call on AFNIC’s technical expertise to assist it in this transition.

Image source : ANINF’s website

Meet Nameshield at the 17th Global Brand Protection Innovation Programme in Frankfurt

The dangers of the Internet are not to be taken lightly. Phishing, cybersquatting or typosquatting are often the cause of disasters, which can threaten the company’s future.

Brand managers can quickly become panicked by the dangers behind these risks. That’s why it’s important to learn where the risks lie and how you can best counter them. That said, what are the benefits for brand owners of innovative and powerful solutions like dotbrand?

At the 17th Global Brand Protection Innovation Programme 2023 in Frankfurt am Main, brand and domain experts, Joëlle Samaké and Arnaud Wittersheim will present compelling monitoring and defence strategies.

Come and visit us to learn more about how you can best protect your brand and benefit from innovative and secure solutions for your domain names.

The .COUNTRY registry increases its prices as of September 27, 2023

The .COUNTRY registry will significantly increase the price for new registrations under this extension from September 27, 2023, 16:00:00 UTC.

All registrations, transfers and renewals of a .COUNTRY domain name registered after September 27, 2023 will be subject to a price increase of 100 times the current price.

This very significant price increase, which has not been explained by the registry, will only apply to domain names registered after this date.

Domain names registered before September 27 can still be renewed at the current price, and will not be affected by the price change.

To protect your brands without being impacted by this price increase, we invite you to register your .COUNTRY domain names as of now.

The Nameshield team is at your disposal for any questions.

Image source : internetnaming.co

ICANN76, Sally Costerton, the new interim president of ICANN, makes her mark

Candidate in March 2020 and then in March 2021, the city of Cancun finally had to wait until March 2023 and the end of the COVID pandemic to see a new edition of an ICANN summit in person. 2023, a very important year for the organisation. It will indeed celebrate its 25 years of existence while it is going through a risky period with an interim presidency after the resignation of its former President on 22 December 2022.

Two women at the head of ICANN

Sally Costerton from the UK, who has been Vice President of Global Stakeholder Engagement (GSE) in charge of stakeholder engagement and awareness of ICANN and its mission worldwide since 2012, has been appointed interim Chief Executive Officer of ICANN following the departure of Goran Marby at the end of 2022. She is supported by Tripti Sinha who serves as ICANN’s Board Chair. Tripti is also Associate Vice President and Chief Technology Officer at the University of Maryland, in the Information Technology Division. This is the first time ICANN has had two women leaders. However, the situation echoes the creation of ICANN. As it was recalled at the opening ceremony, in 1998, when the US government gave ICANN the task of managing the DNS addressing system, a woman also held the position of Chair of the Board. This was Esther Dyson.

While leadership interims are rare at ICANN, this situation led to the organisation of a special session called “The Future of ICANN and the Next President and CEO”. A session where participants would have expected to interact with the new Board. This was not the case, as this session was like a kind of open mic without a direct interlocutor to express expectations towards the new Management of the organisation.

An interim presidency for a governance organisation also means a risky period, especially as there is no shortage of issues to address and the geopolitical context is tending towards increased fragmentation. However, although we do not know how long the interim presidency will last, Sally Costerton quickly made her mark at the start of the summit, when she declared, among other things, “I do not know everything, but I can rely on experts“. These words were reassuring and showed a pragmatic approach.

Transparency tested by experience

ICANN is a well-established organisation, as it has been holding summits for 25 years. The trend in recent years has been for the Supporting Organisations (SOs) and Advisory Committees (ACs) that make up the organisation to move towards greater transparency by opening up almost all their sessions to the participants. The most significant transformation has been in the GAC, the body representing governments, whose sessions were closed for many years before being fully open to all participants. This is an opportunity to salute the work of Manal Ismail, who after nearly six years at the head of the GAC is leaving her place to the Paraguayan Nicolas Caballero. A global tendency, therefore, of a nature to generate confidence, a key value to respond to the more and more numerous detractors of the ICANN governance mode.

But this tendency was reversed during this summit because many sessions were closed, “Closed sessions” to which even some affiliated participants could not have access neither in face-to-face nor in remote. Some of the participants were very upset and did not fail to point this out during the traditional Public Forum which usually closes the week of meetings.

Progress at a forced march?

The consensual approach, typical of ICANN, is both a strength for federating players around new obligations that are adopted, but also a weakness because it considerably slows down the progress of important work.

A striking example is the DNS abuse. Malicious use is indeed a real problem given the damage suffered by the affected Internet users. The GAC did not fail to recall this once again during a session where external experts were invited, such as a representative of the Federal Bureau of Investigation, the FBI. The latter indicated that in the United States, in 2022, more than 800,000 domain names were the subject of complaints causing losses of more than 10 billion US dollars. While the topic of DNS abuse has been a recurring theme at every ICANN summit over the years, it is clear that the consensus has shown its limits. Stakeholders in the GNSO, the generic name policy body, have never been able to agree on a way forward, whether it be a Policy Development Process or contract negotiations to revise stakeholder contracts with ICANN. After recent consultations with stakeholders, the GNSO finally decided on the second option, and the least we can say is that at ICANN76, the will was to reach a result quickly. An amendment to the registry and registrar contracts is being drafted and is expected to be presented in June and voted on by the parties concerned in October.

The GNSO intends to build on the momentum of another contract amendment being voted on by stakeholders: an “RDAP” amendment. RDAP is an alternative protocol to Whois that provides access to domain names registration data. The outcome of the votes and thus the adoption of these contract revisions remained uncertain at the end of the ICANN summit as different thresholds of participation and favourable votes must be reached.

Partial adoption of recommendations for future rounds of new gTLDs

Another issue that some would like to see move forward more quickly is that of future rounds of new generic extensions. Indeed, the last window for applications for generic extensions dates back to January 2012. Since then, a policy development process has been conducted since 2015 to define a set of recommendations for the holding of new application windows. The Final report of this process was submitted to the ICANN Board in February 2021. In the autumn of 2021, ICANN surprised the community by announcing a scoping phase, an ODP (Operational Design Phase), which ultimately lasted until the beginning of this year. The board had not yet decided on the Final report of recommendations, a prerequisite to be able to start the implementation work of the recommendations. So the new interim president of ICANN was also very much expected on this subject.

And she quickly warned that the time was also for action on this subject: “You will see that things will be clarified” (editor’s note: on the next series of generic extensions), she declared during a session during the week. At the end of the week, at a Board meeting, 98 recommendations from the policy development process were adopted, with a further 38 put on hold as requiring further information. An implementation plan is also expected with a deadline set to 1st of August with a focus on internationalized domain names and extensions that ICANN organisation wants to focus on in future rounds and the need to clarify whether closed generic extensions will be offered.

Comments from NAMESHIELD

We can regret a return to a certain opacity in the decision making during ICANN76 where no less than 25 closed sessions were held. Nevertheless, this is perhaps where the progress made on subjects that were not progressing well came from, such as DNS abuse, a very important subject for NAMESHIELD, which offers several solutions to defend your online assets, and the holding of a forthcoming series of new generic extensions, where NAMESHIELD experts can also accompany you.

The other question was how the new interim ICANN President Sally Costerton, would handle her new role in a risky period for ICANN whose model is also increasingly challenged by States, international organisations and even technological alternatives. On this point, the new president appeared to be proactive, joining words to deeds, as on the subject of further series of new generic extensions. Sally Costerton seems to have already started to trace her way towards a full term CEO role for the organisation.

Image source : ICANN’s website

Nameshield is exhibitor at the Rethink! IT Security on 22-24 March 2023 in Berlin!

Phishing attacks are becoming more and more frequent and aggressive – learn from us how you can prevent your company’s email addresses from becoming the starting point of such attacks.

On 22.03. at the ICEBREAKER we will discuss the following topic: Domain names and DMARC – Current trends and challenges in IT security.

The Rethink! IT Security is the leading IT security summit for CISOs and IT security decision makers from the German-speaking region.

Learn about current challenges, technologies, trends and best practices in the field of IT and cybersecurity!

https://www.rethink-it-security.de/

As our customer we have a limited number of free tickets. Please contact us at salesgermany@nameshield.net.

We look forward to welcoming you at our stand and have prepared a little surprise for you there to help calm your nerves in case of an incident.

Cookie	Duration	Description
cookielawinfo-checkbox-advertisement	1 year	Set by the GDPR Cookie Consent plugin, this cookie is used to record the user consent for the cookies in the "Advertisement" category .
cookielawinfo-checkbox-analytics	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional	11 months	The cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance	11 months	This cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
CookieLawInfoConsent	1 year	Records the default button state of the corresponding category & the status of CCPA. It works only in coordination with the primary cookie.
viewed_cookie_policy	11 months	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Cookie	Duration	Description
_ga	2 years	The _ga cookie, installed by Google Analytics, calculates visitor, session and campaign data and also keeps track of site usage for the site's analytics report. The cookie stores information anonymously and assigns a randomly generated number to recognize unique visitors.
_gat_gtag_UA_25904574_14	1 minute	Set by Google to distinguish users.
_gid	1 day	Installed by Google Analytics, _gid cookie stores information on how visitors use a website, while also creating an analytics report of the website's performance. Some of the data that are collected include the number of visitors, their source, and the pages they visit anonymously.

Cookie	Duration	Description
ppwp_wp_session	30 minutes	No description
visit	30 minutes	No description