SURBL Multi
FAST, DYNAMIC INTEL TO IDENTIFY ADVANCED PHISHING, MALWARE, & BOTNET DATA SOURCES
SURBL’s comprehensive feed of current, bad domains. This data feed provides users with a real-time, actionable list of domains associated with malware, phishing, botnets, and spam. SURBL Multi protects legitimate traffic from connecting with hard-to-detect, active domains that are known to be malicious.
- Comprehensive: ~800,000 current, active, bad domains
- Up-to-date: Data added or removed every 1-2 minutes
- Proven: Currently used to protect 1 Billion+ users
- Enhanced coverage: Protection from domains involved in malware and phishing, plus cracked and abused sites
Highly regarded as the Industry’s most comprehensive & accurate list of ‘bad’ domains
SURBL
Multi Sublists
Multi is comprised of the following sublists:
Malware
Data from multiple sources covering sites that host malware. This includes OITC, the DNS blackhole malicious site data from malwaredomains.com and Malware Domain List.
Phishing
Phishing data from multiple sources and is included in the PH phishing data source. Phishing data was first provided by MailSecurity, later joined by PhishTank data, OITC phishing data, PhishLabs data, and several other sources.
Abused Sites
Data feed of general spam sites (pills, counterfeits, dating, etc). Most of domains are found using SURBL internal, proprietary research. Abused sites feed is also supplemented with data from Internet security, anti-abuse, ISP, ESP and other communities.
Cracked Sites
Data feed focused on cracked sites. Cybercriminals steal credentials or abuse vulnerabilities in CMSs, like WordPress or Joomla, to break into websites and add malicious content. Often, cracked pages will redirect to spam sites or to other cracked sites. Cracked sites usually still contain the original legitimate content and may still be mentioned in legitimate emails, besides the malicious pages referenced in spam.
Click Tracker Domains
Data feed of domains used for tracking clicks in emails. SURBL only lists domains used by senders that send emails to mailboxes without confirmed opt-in (e.g. emails also sent to spamtraps).
Disposable Mail Domains
This list contains domains used for disposable emails used only during signup. If disposable domains are used for sign up for a service, they most likely are trying to hide their true identity for malicious reasons.
SURBL Multi
Key Features and Benefits
Comprehensive Data: SURBL data feeds have ~800,000 known malicious domains. Researchers specialize in hunting the hard-to-detect threats, like phishing, malware, and bot-net sites.
Updated continuously: Data feeds are continuously being updated. New domains are added every 1-2 minutes. System and users are protected from new threats as they are discovered.
Near-zero false positives: Extremely accurate data to ensure you are protected from bad domains, but can still access the good ones.
Enhance protection can save your organization, and protect your users, a lot of trouble from accessing domains involved in ransomware, phishing,
Minimize Risk: Enhanced protection from phishing attacks, malware infections, identify theft, loss of revenue and more. Safeguard your organization from these detrimental cyberthreats.
Flexible delivery options: Organizations can choose which option works best for their workflow: Via Rsync, CSV file drops, or private query service.
SURBL MULTI
Uses of Multi Data
- DNS firewall
- Security Alerts
- Malware Detection
- Identifying bot infections
- Web filtering
- Vetting new account sign ups
- URL shorteners
- Email Filtering: Inbound & Outbound
- Phishing Protection
- Infected hosts, infected users
- Enhancing anti-phishing, anti-malware
- Social media filtering
- DNS Firewall/RPZ
- SIEM
Email Filtering
Domain blocklists are used to identify malicious domains in the email body and stop those domains from reaching the end user. SURBL used with an effective IP blocklist can block up to 95% of unsolicited and malicious messages.
Email Filtering
Domain blocklists are used to identify malicious domains in the email body and stop those domains from reaching the end user. SURBL used with an effective IP blocklist can block up to 95% of unsolicited and malicious messages.
DNS RPZ
RPZ offers an additional layer of protection at your DNS level, by preventing unaware users from accessing malicious sites. With persistence phishing, and the surge in IoT devices, RPZ works by restricting Communication to any domains listed by SURBL.
DNS RPZ
RPZ offers an additional layer of protection at your DNS level, by preventing unaware users from accessing malicious sites. With persistence phishing, and the surge in IoT devices, RPZ works by restricting Communication to any domains listed by SURBL.
Start your free trial.
Design the best set of data feeds to meet your needs!
Experience improved cybersecurity and stop phishing emails, ransomware, malware, and other cyber threats. Sign up for your free consultation and receive an in-depth technical deep dive and a 30-day free trial.
