Netcraft Launches AI-powered Preemptive Domain Disruption to Predict and Eliminate Criminal Infrastructure Before Weaponization

New predictive capability proactively identifies, disrupts, and takes down attacker-controlled phishing and Business Email Compromise (BEC) impersonation domains before campaign launch

Netcraft, the global leader in brand protection and threat disruption, announced the launch of Preemptive Domain Disruption, a new predictive capability that proactively identifies, disrupts, and takes down criminally controlled domains before they are used in phishing attacks and fraud campaigns. Building on Netcraft’s industry-leading Domain Detection and Takedown platform, the new AI-powered Preemptive Domain Disruption shifts further left in the attack chain, helping security teams eliminate threats before content goes live. Early customer results demonstrate the effectiveness of disrupting domains before attacks begin, with approximately 90% of criminally-controlled domains being taken down within 24 hours. One enterprise implementation saw more than 21,000 takedowns in just 3 months, completely eliminating the window for risk exposure and victimization.

These results are possible because attackers often register domains well in advance of launching campaigns, often days, weeks, or even months ahead. Netcraft’s AI-powered Preemptive Domain Disruption exploits the window from registration to activation to dismantle malicious infrastructure before it can host harmful content or be used in attacker campaigns.

By leveraging high-fidelity data clusters and verified attack indicators, Netcraft identifies domains configured for abuse prior to campaign launch. Unlike existing approaches that evaluate signals in isolation, Netcraft AI-powered systems correlate shared infrastructure, registration artifacts, technical configurations, BEC, and other campaign fingerprints, drawing on Netcraft’s unique visibility into attacker behavior as the world’s largest provider of takedowns. When emerging attack clusters are confirmed, and enforcement-grade evidence has been collected, Netcraft works directly with internet infrastructure providers to rapidly disable the domains while simultaneously broadcasting high-risk signals to DNS operators, email reputation systems, and other anti-fraud platforms, shrinking the attacker’s window and stopping campaigns before victims are exposed.

Also Read: AiThority Interview with Glenn Jocher, Founder & CEO, Ultralytics

Key benefits of Netcraft Preemptive Domain Disruption include:

• Clustering of detections that surface campaigns with higher confidence, so teams can act faster and with less manual investigation
• Preemptive detection of attacker-controlled brand-targeting domains before malicious content is deployed
• Proactive takedowns that remove attacker infrastructure before victimization occurs
• Reduced reputational, financial, and operational risk by disrupting attacks further left in the attack chain

This development reflects a shift toward next-generation digital risk protection, which identifies and disrupts malicious infrastructure before attacks reach potential victims. Combined with Netcraft’s proven takedown capabilities for active threats, this proactive approach to threat disruption is helping redefine how the industry prevents cybercrime.

Peter Cassidy, Co-Founder Anti-Phishing Working Group (APWG), said: “Netcraft’s approach to preemptively disrupting malicious campaigns brings the contest against cybercrime where it belongs: into the future. With AI tools simplifying cybercrime’s scaling, prevention is more vital than ever. Long-time APWG member Netcraft will be contributing data from Preemptive Domain Disruption to a new sub-category of predeployed domain names on APWG’s member eCrime eXchange, reflecting Netcraft’s steadfast commitment to securing Internet infrastructure.”

Ryan Woodley, CEO, Netcraft, said: “Attackers operate differently in an AI age. They can quickly stand up infrastructure well in advance of a campaign. With more than two decades of fighting cybercrime and disrupting online threats, Netcraft is uniquely positioned to deliver Preemptive Domain Disruption, which leverages our knowledge of threat actor behavior to identify signals of malicious activity before domains are used in an attack. By removing attacker infrastructure upstream, we don’t just detect threats faster; we prevent them from reaching our customers and the people who trust them.”

Also Read: ​​The Infrastructure War Behind the AI Boom