
This past year has been an eventful year for us, we would like to take this opportunity to take a look back at this year and reflect on our events and how far we have come this year.


This past year has been an eventful year for us, we would like to take this opportunity to take a look back at this year and reflect on our events and how far we have come this year.


Wishing all of our customers a Merry Christmas and a Happy New Year!
During the Christmas period we have updated our telephone and email support hours.
MORE


.EU domains are registered through EURid, EURid is the not-for-profit organization that operates the.eu and e.io top-level-domains. As a part of its ongoing commitment to data security, EURid has been certified with the ISO27001 security standard since 2013.


Attempts to illegally take over Internet domains are common today. Examples of such activities can be multiplied – cybersquatting, typosquatting or phishing. Sometimes a domain can be lost through your own inattention, sometimes as a result of armed robbery.
Domanier or cybersquatter?
Domaniers are people who buy, sell, park and collect Internet domains. They are often and wrongly confused with cybersquatters, whose operation consists in intentionally registering domains with extensions not used by a given company, in order to resell them at appropriately inflated prices.
Cybersquatters act in bad faith, relying on the reputation of the company using a given name or trademark. So what should you do if you fall victim to them? It all depends on the priorities you set. If the domain extension is not very popular (e.g. “.net.pl” or “.co”), it may be worth accepting the loss. The second option is to negotiate with the cybersquatter and buy back the domain. The third solution is to refer the dispute to a court. If it is proved that the person who seized the domain violated the right of protection for the trademark or the claimant’s personal rights, acted in bad faith or committed an act of unfair competition, such registration may be withdrawn.
How to avoid cybersqatting? It is best to take preventive measures and buy all the most popular extensions for a given domain, so not only “.se”, but also “.com.se”, “.com” and “.eu”.
Typosquatting, i.e. a deliberate typo
In this case, the scam consists in registering a domain with a name very similar or almost identical to the name of a given company or brand.
Why do cybercriminals use typosquatting? Because by using a domain with a similar-sounding name, they can intercept Internet traffic, directing it to pages with advertisements or their own portals (thus increasing the number of visits and deriving financial benefits). Fortunately, the courts are putting more and more emphasis on issues related to the protection of intellectual property on the Internet, treating typosquatting as using someone else’s brand and reputation for your own gain.
How to avoid typosquatting? You must register all alternative names with possible typos. The allegro.pl auction site has secured itself well for this occasion. After entering the address with a typo – anazon.co.uk in the search engine, the correct redirection to the address amazon.co.uk takes place.
Remember that the mere fact of registering a domain does not mean that you become its owner. Formally, you get a temporary opportunity to use it. Therefore, if the domain is not renewed in due time, it will go to the stock exchange, from where it will be available to anyone, in accordance with the principle: “first come, first served”.
An example is the situation that happened when Microsoft’s failure to renew hotmail.co.uk in 2003. In 2003, Hotmail was one of the most popular free email services in the UK, with likely hundreds of thousands of accounts using “@hotmail.co.uk” domains.
On April 13, 2013, Regions Bank customers in 16 states found their bank’s website offline because the financial institution forgot to renew their domain name.
In September 2015, former Googler Sanmay Ved was checking out Google Domains when he saw that google.com was for sale. Incredulous, Ved tossed one of the most valuable domain names in the world into his cart to see if he really could buy it.
So how to avoid such a situation? It’s easy – just set a reminder to renew your domain.
Domain shadowing
Domain shadowing involves gaining control of a registered domain by obtaining administrative credentials, to create DNS records for new subdomains. By creating an infinite number of subdomains, the attacker sets up the largest possible list. This behaviour has proven to be very effective in bypassing typical blocking techniques, such as blacklisting and/or monitoring of websites or IP addresses.
Threat analysts at Palo Alto Networks (Unit 42) discovered that the phenomenon of ‘domain shadowing’ might be more prevalent than previously thought, uncovering 12,197 cases while scanning the web between April and June 2022.
Domain shadowing is a subcategory of DNS hijacking, where threat actors compromise the DNS of a legitimate domain to host their own subdomains for use in malicious activity but do not modify the legitimate DNS entries that already exist.
These subdomains are then used to create malicious pages on the cybercriminals’ servers while the domain owner’s site’s web pages and DNS records remain unchanged, and the owners don’t realize they have been breached.
In the meantime, the threat actors are free to host C2 (command and control) addresses, phishing sites, and malware-dropping points, abusing the good reputation of the hijacked domain to bypass security checks.
The attackers can theoretically change the DNS records to target users and owners of the compromised domains, but they typically prefer to take the stealthy path described above.

In conclusion, how to secure a domain?
Finally, a rather interesting example from real life. A few weeks ago, 43-year-old Sherman Hopkins from Iowa in the United States attempted to take over the domain by threatening its owner with… a firearm. As a result of the shooting, both men were injured. Unfortunately, the address was not found.
“The domain market is developing dynamically, and with it the inventiveness of cybercriminals who are looking for ways to earn money easily and quickly. Currently, the most popular practices of domain hackers are cybersquatting, typosquatting and phishing, although a domain can also be lost as a result of one’s own negligence. It is worth protecting yourself against all these situations in order to avoid financially and image-related painful consequences” – sums up Jakub Dwernicki, president of Hekko.pl.


These three TLDs are a perfect fit for you or for your organisation if you are working in the charity side. They can help you establish an active online presence and make your organisation be found quicker through searches.
MORE


The .ink and .tattoo names lend themselves to similar markets. Of course, .tattoo more specifically addresses the tattoo, tattoo artist and body art market. The .ink domain is also used by this group but its connotations with writing, drawing, and art more generally means that it has a wider variety of uses, including by journalists and authors.
The .ink domain is, in a word, evocative. It brings to mind inkwells and flourishes on the page. It can also be animalistic, in the case of SquidMag.ink! The site is a blog and resource dedicated to African comics and animation. The choice has a double significance since clearly the “squid” name works well with ink, but the subject matter itself is about comics and animation, which itself is ink art!
On the .tattoo side of things, it’s hard to beat oops.tattoo! In the perfect ironic twist, it is in fact a tattoo studio in the business of making tattoos not removing them.
Substack and social media influencers have created a new era of independent journalists and pundits. One 1930s magazine, True: The Men’s Magazine, was reborn as True.ink. It covers adventure and potential from a bygone era, think chasing General Patton’s Ghost, making hard cider, and obscure Greek island adventures.
When thinking of the intersection of .tattoo and .ink, it seems pretty intuitive. Tattoo artists sites, tattoo studio sites, sites for products for those groups like inks and tattoo care. What you might not have guessed is the huge amount of temporary tattoo sites! Intrigue.ink, Coper.tattoo, Bunami.ink, Tatology.ink, Instant.tattoo, Everink.tattoo are all examples of temporary tattoo stores.
I hope reading about the possibilities that writers and artists have found with .ink and .tattoo domain names has inspired you to search around, even if you are in an entirely different field. If you are a writer, artist, or tattooist, we have a current sale on .ink and .tattoo domain names!
If you are interested in a .ink or .tattoo domain name, please click the button below to register yours!


To start off summer at Web World we will be hosting a domain sale which can give you the opportunity to snag some really outstanding domain names!
MORE
ESET is an antivirus company which has been around for three decades and offers innovative technology that their customers can rely on to protect their devices. ESET is currently protecting 111,000,000+ customers worldwide with the coverage of over 200+ countries!
What is ESET’s end point security?
Endpoint security is the protection of your endpoints against cyber attacks. This means securing your laptops, desktops, smartphones and other endpoints specifically, as they are vulnerable access points for viruses, malware and other cyberthreats.
Endpoint security has a number of different forms, including antivirus software and firewalls. ESET’s endpoint protection uses a multilayered approach to securing endpoints like mobile devices and laptops.
Why have we decided to start offering it for our customers?
We are seeing an increase in ransomware attacks in recent months and we are advising customers to change their virus protection from Windows Defender to something else.
Hackers are using PowerShell scripts to disable Windows Defender which then allows them to download ransomware tools and execute attacks on servers. Unfortunately this quite easy to do and it’s a very effective trick for hackers to get control of a server. Once the hacker does this they are able to encrypt all the data on the server and demand a payment by Bitcoin.
We are recommending ESET Endpoint Protection to all our customers (Web World are an official partner), the cost of this software is €100+VAT per year per server.
FAQ
Is ESET managed from the unified console?
All ESET endpoints, including endpoints and mobiles, can be managed from our cloud-based unified management console ESET PROTECT.
How can ESET stop file less attacks?
ESET endpoint protection platforms have mitigations in place to detect malformed or hijacked applications to protect against file less attacks.
How can ESET block targeted attacks?
ESET’s endpoint protection solutions use threat intelligence information based on their global presence to prioritize and effectively block the latest threats prior to their delivery anywhere else in the world.
How can ESET safeguard the web browser?
Designed to protect an organization’s assets with a special layer of protection that focuses on the browser, as the main tool used to access critical data inside the intranet perimeter and in the cloud.
How can ESET improve a network attack protection?
ESET Network Attack Protection improves detection of known vulnerabilities on the network level.
How can ESET improve a botnet protection?
ESET Botnet Protection detects malicious communication used by botnets, and at the same time, identifies the offending processes.
If you have any questions about the ESET end point security please email us at support@webworld.ie.