Press Releases

DomainTools to Deliver “Phishy Domain Names” Presentation at FireEye Cyber Defense Summit 2016

SEATTLE, Nov. 22, 2016 –DomainTools, the leader in domain name and DNS-based cyber threat intelligence, today announced that Tim Helming, director of product management, will present at FireEye’s Cyber Defense Summit in Washington, D.C. During his presentation, “Phishy Words: Internet-Scale Patterns of Word Affixes in Phishing Domains”, Helming will share tips and tricks that will help to identify the spam domains that present the highest risks to organizations, as well as explain how to analyze patterns to gain a better understanding of attackers. The FireEye Cyber Defense Summit 2016 is an annual conference that brings together experts in security technology, threat intelligence, and incident response to address the primary security challenges business and government face today. The event will be held at the Washington Hilton in Washington, D.C. from November 28-30, with Tim Helming presenting on Tuesday, November 29 at 1:10pm ET.

From the last quarter of 2015 through the first quarter of 2016, the Anti-Phishing Working Group (APWG) noted a 250 percent increase in the amount of phishing websites. This staggering news demonstrates exactly why phishing is a top security concern among leading decision makers, CISOs, and IT professionals at businesses of all sizes. One of the more popular ways to generate phishing domains is to add certain words, known as affixes, to the domain names of legitimate organizations, in order to make the victims believe they are visiting the legitimate site. Not only will Helming’s presentation demonstrate how to identify malicious affix words that disguise as legitimate domain names, he will share how to analyze various attribute signals to ensure high confidence in domain risk assessment and proactively prevent phishing attacks before they happen.

FireEye Cyber Defense Summit 2016

Who: Tim Helming, director of product management, DomainTools

What: “Phishy Words: Internet-Scale Patterns of Word Affixes in Phishing Domains”

When: Tuesday, November 29, 1:10pm ET

Where: Washington Hilton, Washington, D.C.

Presentation Details:

  • Identify the words commonly added to the domain names of legitimate organizations (e.g., “login,” “account,” “my-“, etc.) that lead people to believe they are visiting the legitimate site
  • Analyze the source (geographical hotspot, domain registrar, TLD, etc.) of the “phishy” word additions used in the most common forms of malicious activity (malware, phishing, spam)
  • Determine which types of word affixes present the highest risk to unsuspecting victims in order to better understand attackers and, in some cases, proactively block new malicious domains

For more information on the FireEye Cyber Defense Summit 2016 and to register for the event to attend Tim Helming’s presentation, please visit:

About DomainTools

DomainTools helps security analysts turn threat data into threat intelligence. We take indicators from your network, including domains and IPs, and connect them with nearly every active domain on the Internet. Those connections inform risk assessments, help profile attackers, guide online fraud investigations, and map cyber activity to attacker infrastructure. Fortune 1000 companies, global government agencies, and leading security solution vendors use the DomainTools platform as a critical ingredient in their threat investigation and mitigation work. Learn more about how to connect the dots on malicious activity at or follow us on Twitter: @domaintools

Media Contact:

Kristin Sandberg

Barokas PR for DomainTools


[email protected]