The Swiss Federal Office for Cybersecurity (BACS) has issued a warning about potential “misuse of abandoned or forgotten internet domains.”
BACS reports a case that illustrates this issue: A Swiss canton managed an application via a subdomain (fictional example: anwendung.kt.ch). Rather than pointing directly to an IP address, this subdomain served as an alias redirecting to kanton-anwendung.ch. When the application was decommissioned, the domain kanton-anwendung.ch was released. Cybercriminals identified and re-registered this domain, setting it up to redirect to a fraudulent sweepstakes page. The problem escalated because the old alias was not deleted, allowing criminals to exploit the trusted anwendung.kt.ch subdomain link for their schemes. This took advantage of the trust people place in canton domains.
BACS advises that, even when a domain is no longer actively used, organizations should weigh the minimal cost of retaining it against the risks of third-party misuse.
News Source:Domain-Recht,This article does not represent our position.
