Blog
Cyber X-Ray
1 min read
November 13, 2023

DNSSense has discovered a new type of malicious domain that no other security vendor has yet detected

By now, you have most likely heard about Survey-smiles.com malware. They appear on all browsers, even when all add-ons have been disabled. If your machine gets infected with this malware, every time you open a new web page and select the address bar, you will get this malware address supplied “http://www1.survey-smiles.com/”.

Most security vendors classify this website as malicious and can block all associated traffic easily.

But, things are not that easy! Each day, attackers find a new way to bypass these blockages. DNSSense has discovered a new Survey-smiles.com attack associated with more than 650k domains.

These 650k malicious domains have the following features in common: when visited, they get redirected to a different address on almost every visit. Moreover, when a request is made using the HEAD method, you will get the Status Code 400 (Bad Request Error) with the end.url: survey-smiles.com.

Let’s look at expressexpense.com as an example. No other security vendor has identified this address as a potential threat:

Thanks to our AI-native domain classification platform, Cyber X-Ray, you can now easily detect these malicious domains and protect your business.

DNSSense is the easiest way to be secure.

Frequently Asked Questions

No items found.