Tech »  Topic »  Experts flag a huge amount of cyberattacks coming from this unexpected domain

Experts flag a huge amount of cyberattacks coming from this unexpected domain

3 weeks, 1 day ago   techradar.com
(Image credit: Unsplash)
  • Experts observe a 19x quarter-over-quarter rise in .es usage for malicious campaigns
  • 99% were credential phishing attacks, with 1% relating to remote access trojans
  • Microsoft was by far the most commonly impersonated brand

Cybersecurity experts from Cofense have revealed a 19x increase in malicious campaigns using .es domains between Q4 2024 and Q5 2025, making it the third-most abused top-level domain (TLD) after .com and .ru.

Typically reserved for businesses and organizations in Spain, or Spanish-speaking audiences, researchers found nearly 1,400 malicious subdomains across nearly 450 .es base domains between January and May.

An overwhelming majority (99%) of the campaigns involved credential phishing, with most of the remaining 1% delivering remote access trojans (RATs) like ConnectWise RAT, Dark Crystal and XWorm.

Criminals are pretending to be Microsoft, Google, and Apple in phishing attacksYour employee logins are more valuable to criminals than ever - here's how ...
Copyright of this story solely belongs to techradar.com . To see the full text click HERE