By now, you have most likely heard about Survey-smiles.com malware. They appear on all browsers, even when all add-ons have been disabled. If your machine gets infected with this malware, every time you open a new web page and select the address bar, you will get this malware address supplied “http://www1.survey-smiles.com/”.
Most security vendors classify this website as malicious and can block all associated traffic easily.
But, things are not that easy! Each day, attackers find a new way to bypass these blockages. DNSSense has discovered a new Survey-smiles.com attack associated with more than 650k domains.
These 650k malicious domains have the following features in common: when visited, they get redirected to a different address on almost every visit. Moreover, when a request is made using the HEAD method, you will get the Status Code 400 (Bad Request Error) with the end.url: survey-smiles.com.
Let’s look at expressexpense.com as an example. No other security vendor has identified this address as a potential threat:
Thanks to our AI-native domain classification platform, Cyber X-Ray, you can now easily detect these malicious domains and protect your business.
DNSSense is the easiest way to be secure.
Did you know that 83% of IP addresses that generate malicious traffic cannot be resolved immediately?
According to DNSSense Cyber X-Ray® data, the number of malicious domains in domains with the extensions ".ru" (Russia) and ".ua" (Ukraine) has increased by nearly 100% in the last three months.