Itechra: Blog


Unveiling the Perils of SubdoMailing: Is This the Most Perilous Phishing Scheme Yet?

Imagine this: You’re casually sifting through your daily influx of emails when suddenly, amidst the sea of messages, one stands out – it’s from a company you trust implicitly.

Naturally, you think, “Ah, this is safe to open.” But pause for a moment… this email is not what it appears to be.

It’s a cunning ploy concocted by cyber criminals, lurking under the guise of familiar brands, ready to dupe you into unwittingly divulging sensitive information or clicking on malicious links. Enter “SubdoMailing” – a scheme as treacherous as its name suggests.

But what’s the modus operandi?

Like conventional phishing attacks, cyber adversaries masquerade as reputable entities. However, the twist lies in their method: these malevolent actors scour the internet’s vast expanse for esteemed companies’ subdomains. Do you know those supplementary segments in a web address precede the primary domain? Think – where ‘experience’ constitutes the subdomain.

Here’s the kicker: Upon unearthing a defunct subdomain still tethered to an erstwhile external domain that’s now unregistered, they swiftly purchase the domain and orchestrate a deceitful website.

Thus, when you innocently click on, unbeknownst to you, it clandestinely redirects to

Alarmingly, these nefarious entities dispatch approximately five million fraudulent emails daily, targeting entities akin to yours.

Moreover, owing to their seemingly authentic origins, these emails often evade conventional security protocols, seamlessly infiltrating your inbox.

So, how can you safeguard yourself and your precious data?

Exercise caution when perusing emails – even the slightest semblance of suspicion warrants scrutiny.

Before interacting with links or attachments, meticulously scrutinize the sender’s credentials. Watch out for telltale signs like typographical errors or unfamiliar email addresses.

Equip your workforce with the requisite knowledge to discern the latest phishing stratagems. A fraction of awareness can serve as a formidable defense against potential scams.

Consider fortifying your defenses with robust security software. While it may entail an additional expenditure, its safeguard is unequivocally invaluable.

Should you require assistance bolstering your email security or with any related endeavors, don’t hesitate to contact us—we’re here to help.

Itechra Team

Itechra Team

From 2000, we set out to solve what was then a major problem for small businesses: having difficulty keeping up with their IT needs. We noticed that large corporations often had multiple employees specializing in different aspects of the industry and realized this approach could work well also among smaller organizations who might not be able to sustain such teams, but still require help managing an oversized workload. We provide a single resource for all your IT issues.