Malware (i.e., malicious software) and phishing are common computer security risks. Malware is software used to disrupt computer operations, gather sensitive information, and/or gain access to a computing device. Malware on a user computing device often obtains further instructions to execute on the computing device from a destination server or provides obtained data from the computing device to the destination server. It is noted that the information obtained by malicious actors is often stored on a destination server referred to as a “drop point.” Phishing attempts to obtain sensitive information, such as user names, passwords and/or financial details, typically for malicious reasons, by impersonating a trustworthy entity on a destination server in an electronic communication. Malware and phishing attacks are performed by an attacker (e.g., an individual or an entity) that hopes to obtain personal and/or sensitive information or to access a computing device.
The destination servers that participate in, or are likely to participate in, computer security attacks, such as malware and phishing attacks, are often referred to as suspicious domains or malicious domains. In addition, users can often inadvertently navigate to a suspicious domain using his or her browser. A need exists for improved techniques for identifying such suspicious domains.