Kingston Police have issued a release informing the public of another potential way cybercriminals are attempting to steal users’ personal information.
In the release, dated Tuesday, Sept. 26, 2023, police warned that cybercriminals have been using over 20,000 .us top-level domains in phishing attacks. A top-level domain is the final section of a domain name, such as “.com” or “.ca”.
“Although .us is the country code for the United States, cybercriminals have been using this domain to attack organizations worldwide such as Apple, Great Britain’s Royal Mail, and the Denmark Tax Authority,” Kingston Police said. “Cybercriminals may use these domains to trick you into thinking you’re visiting an official US website instead of a malicious one. Clicking a malicious .us link from cybercriminals could lead to malware or trick you into revealing sensitive information.”
Kingston Police provided these tips to stay safe from phishy websites:
- Never click a link in an email that you weren’t expecting.
- Think before you click. Cyberattacks are designed to catch you off guard and trigger you to click impulsively.
- When you receive an email, stop and look for red flags. For example, watch out for emails that were sent outside of business hours and emails that contain spelling or grammatical errors.