In today’s online environment, a number of risks are posed by individuals attempting to abuse the domain name system of the Internet. These include typo squatters, domain speculators and bulk domain name parkers.
Typo squatting aims to benefit from mistakes users might make as they enter a URL directly into the address bar of their web browser. It used to be that a typo resulted in an error message indicating that the specified site could not be found. Now, however, a user is likely to be directed to a different website unrelated to the intended one.
Unfortunately, organizations rarely have registered all potential variations of their domain name in an effort to protect themselves. Typo squatters anticipate which misplaced keystrokes will be most common for a given entity—in the case of election-focused activities, these would be websites related to the leading candidates—and register the resulting domain names so that traffic intended for the correct site goes instead to the typo squatter’s own web properties. The relative scarcity of simple, recognizable “core” domain names has resulted in the development of an after-market for those domain names and has led to the creation of a community of speculators who profit from the resale of domain names.
In fact, typo squatters and domain name speculators no longer even need to host the physical web infrastructure for their own web content or advertisements. Domain parking companies now handle this, for a cut of the advertising profits.
What’s more, some typo squatters’ sites do more than host advertisements whose profits go to the squatter rather than to the intended site’s owner: they may forward the user to an alternative site with differing political views. Worse yet, the real potential for future abuse of typo domains may revolve around the distribution and installation of security risks and malicious code, the potential impact of which is evident in online banking, ecommerce and other business-related online activities today.
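A defender-side check for the misplaced-keystroke variants described above, as an added example that is not from the original article: it sorts observed domain names (for instance from a registration feed or resolver logs) by the single keystroke error that separates them from a name the organization owns. The function names, the QWERTY row table and the sample domains are assumptions constructed for illustration.

```python
# Added example: classify observed domains that are one keystroke away from a
# protected name. All domains below are constructed sample data.
QWERTY_ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")

def adjacent_keys(a, b):
    """True if a and b are neighbours on the same QWERTY row (assumed layout)."""
    return any(a in r and b in r and abs(r.index(a) - r.index(b)) == 1
               for r in QWERTY_ROWS)

def classify_typo(good, seen):
    """Name the single keystroke mistake turning `good` into `seen`, else None."""
    if good == seen:
        return None
    if len(seen) == len(good):
        d = [i for i in range(len(good)) if good[i] != seen[i]]
        if len(d) == 1:
            i = d[0]
            return "adjacent-key" if adjacent_keys(good[i], seen[i]) else "substitution"
        if (len(d) == 2 and d[1] == d[0] + 1
                and good[d[0]] == seen[d[1]] and good[d[1]] == seen[d[0]]):
            return "transposition"
    elif len(seen) == len(good) - 1:
        if any(good[:i] + good[i + 1:] == seen for i in range(len(good))):
            return "omission"
    elif len(seen) == len(good) + 1:
        for i in range(len(seen)):
            if seen[:i] + seen[i + 1:] == good:
                doubled = seen[i] in (seen[i - 1:i], seen[i + 1:i + 2])
                return "doubled-key" if doubled else "insertion"
    return None

def flag_lookalikes(protected, observed):
    """Map each observed domain under the same TLD to its typo class."""
    label, _, tld = protected.lower().partition(".")
    hits = {}
    for domain in observed:
        seen_label, _, seen_tld = domain.lower().partition(".")
        kind = classify_typo(label, seen_label) if seen_tld == tld else None
        if kind:
            hits[domain] = kind
    return hits

# Constructed feed, e.g. newly registered names or resolver query logs.
OBSERVED = ["example.com", "exmaple.com", "exampl.com", "ezample.com",
            "exaample.com", "examqle.com", "sample.org"]

if __name__ == "__main__":
    for name, kind in flag_lookalikes("example.com", OBSERVED).items():
        print(f"{name}: {kind}")
```

The check only compares names under the same top-level domain and only catches single-keystroke errors, so names that swap the TLD or differ by two or more edits need a separate rule.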
Phishers, Hackers, and More
The use of malicious code and security risks for profit is certainly not new. It seems the authors of such creations are quick to reach into their bag of tricks in the wake of everything from natural disasters to economic downturns and even elections to try to manipulate users into becoming unwitting participants in their latest cyber scheme.
For example, phishers targeted the Kerry-Edwards campaign during the 2004 federal election—in one case, setting up a fictitious website to solicit online campaign contributions and in another, setting up a fictitious “toll-free” number for supporters to call (and then charging each caller nearly $2 per minute). Whether leveraging a fundraising site to which users have been redirected, a candidate’s legitimate site, spoofed emails or typo-squatted domains, phishers have a wide range of vehicles from which to deliver their malicious activity.