Fast, easy, secure email data solutions for all industries.

How we help by need

By Need

Access email-centric data that anchors your data-oriented business strategy.
Improve Deliverability and Response
Connect Data Across Channels
Foster Customer Loyalty
Mitigate Fraud and Risk
industry

By Vertical

Maximize the potential of your First Party data in any industry.
eCommerce and Retail
FinTech
Nonprofit and Political
Technology Platforms

Invest in your first party data.

email validation

Email Verification

Catch and correct invalid email data and preserve your marketing spend.
List Guard™
identity matching

Identity

Get a complete picture of your customers across channels.
Email Append
Postal Append
Email Change of Address
Email Intelligence
fraud prevention

Fraud Prevention

Prevent fraud, mitigate risk and protect the integrity of your database.
engagement

Engagement

Personalize offers, segment + win back customers and get higher response rates.
Email Activity Signals
Website Visitor ID

Learn from our
marketing and data experts.

how we help center

Help Center

Get the answers
API pricing

API Documentation

Let's get technical
free list check

Free List Check

A free health scan for your email addresses
integrations

Integrations

Discover our partners
blog

Blog

See what we're writing about
content hub

Knowledge Center

Videos, whitepapers, ebooks, and more
case studies

Case Studies

See what works
under the hood

Under the Hood

Dive deep into the machine that powers our email data solutions
Email Verification

Leaders in email data services since 1999.

company overview

Company Overview

More about AtData
careers

Careers

Join the team
news and events

News & Events

Read the latest
security

Security

IS0-27001 Certified for you

Login to Your Account

services1

TowerData Login

Catch and correct invalid email data and preserve your marketing spend.
services1

FreshAddress Login

Catch and correct invalid email data and preserve your marketing spend.
Get Started

The Dangers of Dangerous Domains

March 30, 2023
By AtData

We all know the internet is full of potential dangers. As consumers, we avoid the obvious pitfalls by not clicking on the unknown, following up directly when we see something suspicious, and not sending out our banking information to a long-lost prince who is in a bind. But, there are land mines hiding in plain sight in the form of dangerous domains, and AtData assists in protecting companies from allowing them into their databases. 

Many of our clients use our API to clean, correct, and protect their data. As we regularly process our thousands of clients’ email data, our system identifies unusual and anomalous behavior across billions of monthly data points. Our engineering team will then further research this activity and flag accordingly. The information then becomes a part of our knowledge base for our network.

What exactly are dangerous domains?

That boils down to what exactly a domain is, and how it can be used for malicious intent. The top-level domain (TLD) is the part of a website’s core address after the period - .com, .net, .org for example. Think of these as a town. If we dive in further, we need to find a specific house, we get to the second-level domain (2LD) which is usually what comes right before the period – so in “google.com”, it would be “google”. Now these can be further broken down into the individual rooms in the house, or third-level domains (3LD), but we’ll focus on the top two.

So, what makes them potentially dangerous? The problem is there is activity out there that utilizes domains for malicious intent. Websites that could contain phishing, malware, or unwanted software. Emails sent attempting to gather personal or banking information. And as businesses, we have additional concerns coming from spamtraps and honeypots – tools that email service providers utilize to catch non-compliant spammers.

Let’s Dig Into Some Potentially Dangerous Domain Uses

  • Phishing: Phishing sites are designed to steal personal information, such as usernames, passwords, credit card numbers, and more. They often use deceptive tactics, such as mimicking legitimate websites, to trick users into entering their information. Because of the very high likelihood of money being involved, gambling sites are often used in attempts to scam people.
  • Malware: Malware sites are designed to spread malicious software, such as viruses, spyware, and adware. They can also be used to install malicious programs on your computer without your knowledge. Dark web sites are often used to spread malware, viruses, and other malicious software.
  • Bots: Websites and emails can be created rather rapidly utilizing bots as a means to disperse messaging or attempt access through web forms. The bots will look for vulnerabilities and often use email addresses containing dangerous domains or will originate from them.
  • Spamtraps, Honeypots: While these are not considered malicious, as a business it is in our best interest not to have these in our databases or email lists. Spamtraps are ways for email service providers (ESPs) to identify non-compliance by using email addresses that have not opted-in as traps. Honeypots are essentially those email addresses published onto websites somewhere or in a list to catch companies gathering information improperly.

There are, unfortunately, new dangerous domains created regularly, and old safe domains that get taken over and become unsafe. By avoiding dangerous domains, you can help protect yourself, your company, and your data from potential threats.

Examples of How AtData Stopped Dangerous Domains 

For example, a large FinTech client experienced over 1,200 calls to our API originating from a single domain in an unusual timeframe. Our system was able to flag the activity which was corroborated by our engineering team. The affected service was deactivated, the offending IP addresses blocked, and service re-enabled with minimal downtime.

Another example was a specific domain that we first saw on August 15th, 2022. Within 15 days we processed 3,216 validations of the domain from a variety of customers across our network and saw 2,225 unique usernames tied to the domain. The sudden appearance with a high velocity of activity tends to point to bot activity which is usually not good. We were able to identify the malicious activity, flag, and block accordingly, so all of our clients benefit.

How is AtData Able to Confidently Identify Dangerous Domains

  • Over 20 years of archived original source data.
  • Proprietary alerts, patterning, and anomaly detection built on the intellectual property from the merger of two email-centric data companies, TowerData and FreshAddress.
  • Billions of monthly activity signals processed across our proprietary network of thousands of businesses.
  • Experienced engineering research team that investigates anomalies for further improvements to our systems ability to identify activity.
  • Client services team that rapidly responds and coordinates with clients to become an extension of their business.

AtData’s strength is in working closely with our client base. Our robust, historical dataset across thousands of partners and clients has allowed us to fine tune monitoring for unusual behavior patterns or anomalies. Where activity would not be apparent to a single organization, we are able to detect across the entirety of our network and data.

Want to learn how AtData can help you? Contact us today to start the conversation!

Related Articles