Threat Alert: What to Watch For

• Google has introduced eight new top-level domains (TLDs), the equivalents of “.com”, that websites can use. Among these new TLDs are “.zip” and “.mov”.  
• As .zip and .mov are also common file extensions, these TLDs may pose an increased phishing risk due to confusion as to whether an apparent URL in an email is a link or a file name. 

Tips to Remember (at Work and at Home)

• Go beyond surface clues. Familiar logos, branding, and names are not automatic indicators that an email or website is safe. Be especially careful of any websites that appear to emulate file archiving software and that try to convince you to install or run a file or application.   
• Be suspicious of unexpected URLs and files. Whether it is a file or a URL with either a .zip or .mov file extension or TLD, exercise caution. This is especially true if the files or links are from suspicious senders or in suspect messages. 
• Confirm unexpected files and URLs. Before following a link or downloading an attachment, confirm its legitimacy with the sender via a trusted, alternate means of communication — such as a known, trusted phone number or face-to-face.