Beware of the new phishing technique “file archiver in the browser” that exploits zip domains


A new phishing technique called “file archiver in the browser” can be used by phishers to “emulate” a file archiver software in a web browser when a victim visits a .ZIP domain. The security researcher mr.d0x detailed the new attack technique.

In May 2023, Google launched eight new top-level domains (TLDs) that included .zip and .mov. Security experts are warning of malicious uses of these domains.

Read more…