Typosquatters have our typos covered

Stephen Withers
Thursday, 15 December 2011 15:15

Business IT - Security

Typosquatting is the practice of registering a domain name that's slightly different from that of a heavily trafficked site in the hope of catching some accidental traffic. Research by a security company suggests there's a lot of it about, especially around major brands.

Security vendor Sophos has looked at the one-character variations on some big-name sites - Microsoft, Twitter, Facebook, Google and Apple - and found that around 80% of them resolved.

The actual figures were 61%, 74%, 81%, 83% and 86%, though Sophos does point out that some of the variations are legitimate sites rather than typosquats. For instance, Goole.com is a site about the English port of Goole.

Interestingly, Sophos found that just 0.07% of typosquat sites contained malware. That's the good news.

The bad news was that 2.7% of the URLs fell into the 'cybercrime' category (which includes hacking, phishing, online fraud and spamming), another 2.4% were adult or dating sites, and 15% fell into the 'ads and popups' classification.

Particularly nasty were the bait-and-switch operations. Sophos found one particular company has 22% of the one-character-away-from-apple.com sites, redirecting them to an "Apple-like page" offering iTunes 10 for download. But clicking the download button takes you to mp3helpdesk site which offers "unlimited downloads for just 0.99 a month".

CONTINUED