Rules Contributing to Phishing Domain with File Extension TLD

The following rules are used to identify DNS queries to TLDs that resemble file extensions. Any one or more of these will trigger the Phishing Domain with File Extension TLD Alert. Details for each rule can be viewed by clicking the More Details link in the description.

Title

Description

Phishing Domain with File Extension TLD

DNS query to TLDs that resemble file extensions. Attackers may use these TLDs for phishing.