3bay, mnsn or Googl? Attention to typo-squatting!08/06/2007 Written by Roberto Preatoni (SyS64738)
One of the newest expressions of cyber crime is based on typo-squatting. “3bay.com”, “eba6y.it”, “googl.com”, “mnsn.com” , “tyahoo.com” are common mistakes we all commit while keying in a website’s domain, and usually a message of error follows.
But now people’s typing mistakes could become a weapons used by crackers to perpetrate all sorts of cyber crimes: in few words, attackers are registering domain names which are very close to those of very popular websites, in order to intercept part of their traffic.
It was assessed that over one thousand domain names has been recently registered on this purpose.
Users who type these domains are re-directed to a web-page inviting them to update their version of Internet Explorer or to make another research using a specific search-bar. Obviously such links are fake and they drw straight to the malware.
There are poor skills behind this attack since it is not based on the study of a vulnerability and it just lever on users’ low level of awareness.
Some companies already presented software that could “check” each domain’s reputation using the same principle applied to the control of e-mail addresses’ reliability –which counts on large data bases– but such tools are not completely effective and the only factor which could make a real difference is consumers’ attention.