Protect Your Corporate Brand from Typosquatting
Earlier this month, I pointed out the ways that cyber criminals are purposely tricking users into visiting fake or malicious websites. One of those ways is typosquatting, which relies on typographical errors made by Internet users who misspell domain names or mistype legitimate website addresses into a Web browser.
According to Alan Wlasuk, CEO of 403 Web Security, ScamBusters.org reported a 2008 study that found 80,000 typosquatting sites covering just the 2,000 most frequently visited websites. And with one popular kids' website there were more than 300 scam sites hanging off of the real thing. And with a leading credit reporting site, almost 750.
The dangers of typosquatting are, of course, many. One of the more popular typosquatting-related scams is to lead the misdirected Web surfer to a site that matches the branding of the original site, but with a legitimate-looking survey or contest. One YouTube typosquatting site collected personal information from a mistaken Web surfer, including login names and passwords. Wlasuk added:
Unfortunately for the surfer, many people use the same login name and password for every website that requires credentials. It then become an easy task for the hacker to check more valuable sites (banks, PayPal, eBay) with those same login names and passwords - often an easy, lucrative scam.
Obviously, hijacking a website name apparently is pretty big business for the bad guys -- and they just aren't focusing on your site's main page. Troy Gill, security analyst for AppRiver, told me:
Researchers recently collected more than 20GB worth of sensitive corporate communications by utilizing at form of typosquatting. They did so by setting up domains that closely mimicked well-known corporate domains, but left out characters or the like. The most at risk were those corporations that utilized subdomains. For example the researchers set up a domain and email server for ukcorporation.com and waited for email intended for uk.corporation.com. The report states that this technique was in fact quite effective at intercepting emails and stealing sensitive information contained therein. The contents reported to include VPN information, usernames and passwords, bank account information and other sensitive topics.