Security News > 2021 > February > Phishing awareness gone wrong: Facebook tries to seize websites set up for staff security training

Security biz Proofpoint and its subsidiary Wombat Security Technologies have sued Facebook and its Instagram subsidiary to prevent the seizure of internet domain names used for security testing.

It sets up domain names that incorporate trademarked terms, like Facebook and Instagram, or fragments of those terms that have similar looking domain names.

The company's complaint [PDF], filed in US District Court in Arizona on Tuesday, explains its rationale for doing so: "By using domain names similar to those of well-known companies, Proofpoint is able to execute a more effective training program because the workforce is more likely to learn to distinguish typo-squatted domains, which are commonly abused by bad actors to trick workers, from legitimate domain names."

Proofpoint claims such tests help protect both the employer providing the training and the owners of legitimate domain names, like Facebook and Instagram.

Though the domains at issue, when visited, state "This web site belongs to Proofpoint Security Awareness Training," the UDRP arbitrator nonetheless sided with Facebook last month and directed the registrar handling those names, Arizona-based Namecheap, to turn control over to the social media giant.

Confusion is unlikely among program participants, the company argues, because links to the domains at issue include a disclaimer: "This phishing simulation was provided by your employer to help teach you to recognize commonly-used phishing risks. To appear as realistic as possible, it may contain the name, brand or logo of unaffiliated third parties."

News URL

https://go.theregister.com/feed/www.theregister.com/2021/02/11/facebook_phishing_domains/