In light of Google’s recent release of new top-level domains (TLDs) like .dad, .phd, .mov and .zip, there have been rising concerns within the security community over TLDs that can easily be mistaken for file extensions. This report explores a phishing technique that utilizes these concerns, specifically exploiting the .zip TLD to simulate a file…