CyberWire Daily The parking lot of digital danger. [Research Saturday]
5 snips
Feb 28, 2026 Dr. Renée Burton, VP of Infoblox Threat Intel and researcher on domain name abuse. She explores how parked lookalike domains and direct-search advertising funnel users to scams and malware. Discussion covers typosquatting, DNS tricks like double fast flux, traffic distribution and device fingerprinting that cloak malicious behavior.
AI Snips
Chapters
Transcript
Episode notes
Parked Domain Scareware Surprise
- Renée Burton discovered a parked domain serving scareware instead of the expected for-sale splash page during a routine research visit.
- The unexpected redirect showed a “virus on your machine” prompt, revealing parked domains can instantly serve malicious content to real users.
Zero Click Parking Bypasses User Interaction
- Zero-click parking or direct search auto-forwards mistyped domains straight to ads without user interaction.
- This shift removed the old two-click parking barrier and enabled immediate redirection to targeted advertisers or scams.
IC3 Lookalike Cost Real Money
- Burton recounts a real incident where someone mistyped ic3.gov as ic3.org and saw a malware scare on a phone.
- Defensive scans from different locations, however, returned benign parked pages while victims saw scams.