Phishing with Wildcard DNS Attacks and Pharming

The cyclical relationship between threat actors and security professionals begins with the creation of a new attack technique, followed by the discovery of that technique by the security community, and then a refashioning of the manner of attack or creation of another novel approach by threat actors.  Phishers are always seeking better ways to entice victims into providing their personal and/or sensitive information, as well as to evade detection by security companies.  Lately, we have observed an uptick in attacks utilizing  DNS records for malicious purposes. These attacks fall into two main categories: pharming and wildcard DNS attacks. This post provides examples of these methods and describes in detail how phishers use them in their attacks.
Read more