Not likely. Most of these domains are created using stolen credit cards. As soon as the credit card owner or credit card company detects the fraud (usually, about a week??), the domain registration gets cancelled. That's why the phishers quickly push out their attacks after domains are registered. They give enough time for DNS to proprigate the registration and its zone, then launch the attack. Typically, they have a very short timeframe in which to pull off an anonymous attack. Yes, there are cases where this doesn't apply, but it would require a change to most phishing/malware attack models. IHTH. JRK On 7/15/2025 at 5:53 PM, "David Conrad" <drc@virtualized.org> wrote:
Jon,
On Jul 15, 2025, at 10:09 AM, Jon R Kibler via Outages-discussion <outages-discussion@outages.org> wrote:
If CloudFlare would simply block the websites of recently registered domains, that would go a LONG way to cutting down on successful phishing (and ransomware) attacks, IMPO.
Won’t the scumbags simply wait until the hypothetical Cloudflare block is removed, regardless of how long that takes, before sending the phish?
Regards, -drc