CSC research finds suspicious surge in domain registrations amid infant formula supply chain crisis

WILMINGTON, Delaware–(BUSINESS WIRE)–CSC, an enterprise-class domain registrar and global leader in domain and domain name system (DNS) threat mitigation, today released data from its global domain registration assessment since 2021 showing that 84% of domains related to infant formula were registered by third parties. The rise in fake registrations coincides with the turbulent supply chain issues the industry has experienced this year, and registration patterns show these domains are designed as vehicles to execute potential fraud and phishing attacks. . Check-in behavior is not limited to the infant formula market. A similar increase is also targeting commercial organizations and has occurred in the semiconductor industry, as CSC research shows that 95% of domains registered over the same period are linked to third parties. This assessment is part of CSC’s latest report, Where Domain Security Meets Supply Chain Crisis.”

CSC’s research team discovered disturbing trends when it assessed the security of branded web domains and key search terms associated with the infant formula and semiconductor industries. Between January 2021 and May 2022, CSC found that of third-party registered domains, 93% of infant formula-related domains and 79% of semiconductor-related domains include privacy services or have redacted WHOIS details. These are actions taken to conceal true identities and expose potential fake domain registrations and fraudulent activity. Additionally, 26% of infant formula-related domains and 44% of semiconductor-related domains are set up with MX email records, a key mechanism used to spread phishing emails.

“Companies need to understand how their choice of domain registrar affects their organization’s overall security posture and the likelihood that their employees and customers will fall victim to fraud. Consumer registrars have been attacked repeatedly over the past few years and fail to provide the security controls needed to protect customers’ vital domain names from domain and DNS threats. Additionally, many consumer-grade registrars offer services such as name spinning and domain auctioning that promote the registration of confusingly similar names that not only infringe established trademarks, but are often used for phishing and other fraud-based attacks,” said Mark Calandra, president of CSC’s Digital Brand Services. “As a result, these registrars are monetizing the goodwill of the trademark owners they have worked hard to achieve, creating a revenue stream for themselves rather than serving the interests of corporate clients who use their platforms. We believe that industry should follow best practice standards to prevent growing brand abuse and consumer safety issues to ensure a safer digital economy.

Domain security hygiene remains an overlooked risk management component of business operations and an organization’s overall security posture. CSC conducts an annual assessment of domain security practices among the Global Forbes 2000. Through a cross-evaluation of the most recent report and CISA’s 16 critical infrastructure industry categories, food and agriculture and critical manufacturing are two industries with the lowest area safety health and minimal year-over-year improvements.

Access Supply Chain Reportthe Domain Security Reportor visit our website at

About CSC

CSC is the trusted provider of choice for the Forbes Global 2000 and Top 100 Global Brands® in the areas of enterprise domain names, domain name system (DNS), digital certificate management, and protection of digital brands and fraud. As global enterprises invest heavily in their security posture, CSC can help them understand known cybersecurity oversights that exist and help secure their digital assets and online brands. By leveraging CSC’s proprietary technology, businesses can strengthen their security posture to protect against cyber threat vectors targeting their online assets and brand reputation, helping them avoid devastating revenue loss and penalties. significant financial costs due to policies such as the General Data Protection Regulation (GDPR). CSC also provides online brand protection – the combination of online brand monitoring and enforcement activities – taking a holistic approach to digital asset protection, as well as fraud protection services for fight against phishing. Based in Wilmington, Delaware, USA, since 1899, CSC has offices in the USA, Canada, Europe and the Asia-Pacific region. CSC is a global company that can do business wherever its customers are, and we do this by employing experts in every business we serve. Visit

Comments are closed.