The term "spear-phishing" is used when describing a cyber attack done by sending an email that contains either a malicious link or attachment to a victim over the Internet. Once the victim either opens the attachment or clicks on the embedded link, their machine can become compromised; enabling the attacker to perform follow-on exploitation activities against the victim such as installing keylogger software, document exfiltration, and other malicious activities (TrendMicro, 2012).
One of the key indicators of a compromised machine are domain name server (DNS) requests sent from the victim to a public DNS server such as Google. Victims will send DNS requests to resolve the IP address of a malicious domain name of the attackers software, which will then enable connectivity between the malicious domain and the victim's computer. This WebQuest will discuss the concept of bringing together multiple public DNS providers in an effort to reduce the ability for malicious programs to properly resolve the IP addresses of malicious domains.