CloudSecuritySoftwareWorkspace

Cybersquatting: A New Spin On An Old Crime

Eric is a veteran British tech journalist, currently editing ChannelBiz for NetMediaEurope. With expertise in security, the channel, and Britain's startup culture, through his TechBritannia initiative

Google + Linkedin Subscribe to our newsletter Write a comment

New scams are often based on old tricks and sometimes it is the simplest ruse that gains the richest rewards, says Eric Doyle

My father is a wise old codger. He was born when the 20th century was only 15 years old and here he is in the 21st century still going strong. He was born into a world where the toffs had servants, aeroplanes were made of strings and canvas, only the privileged few had cars, and even electric lights were still a novelty.

I often wondered how he coped with the immense changes. The fracturing of the class system, the space race to the moon, traffic jams of the proletariat, and the rise of the electronics age. He summed it up in words that are as true today as ever they were: “Everything changes but essentially stays the same”.

The status quo

This is what we have observed with the computer age. The mainframe “glasshouse” has become the data centre, timesharing has become, more obviously, software as a service (SaaS) but also the cloud generally, and lock-ins are still with us through the difficulty of moving cloud services from supplier to supplier as cost and needs dictate.

So it is with security. My father was well aware of the “spivs” and conmen of the 40s and early 50s who would manipulate the system and play upon human weaknesses to feather their nests. Today we have the hackers and scammers looking for the easy way to part punters from their currency – whether that be hard cash or information that can be traded.

Phishing and cracking security measures seems like hard work to some. Why not take advantage of the inaccurate typists out there?

We’ve all done it. Typing a query only to have Google, or your search engine of choice, annoyingly interrupt with “Did you mean …?” – or words to that effect. Quickly entering a URL only to be told that site doesn’t exist.

Think back. In the heat of Cyber Monday were you actually shopping at John Lewis or Joh Lewis? Amazon or Amazom?

Security systems vendor Websense has been tracking sites that have names that are based on these typographical errors. The name is subtly changed from Debenhams or Argos but the presented site looks identical. Typosquatting they call it – the destination of the numb-knuckled typist.

Typists’ graphical errors

Although the sites look the same and the payment card processing seems real, don’t hold your breath till the goods arrive – they never will. What is worse, the £39 pre-Christmas sale bargain could cost far more as the card details are used elsewhere to buy something far more expensive, to be cashed in on eBay or a local market somewhere in the world.

Alternatively, a typosquatting site may pose as a money-off voucher service. By leading the bargain hunter from one competiton to another that offer bogus prizes, useful information can be gleaned for identity thieves to set to work on other scams.

With an estimated £3.72 billion burning a hole in the nation’s pocket and grab-it-quick-or-lose-it bargains being this year’s hook, the chances of mistakes are plentiful. Websense Security Labs have counted almost 2,000 typosquatting sites and the total is rising.

Domain confusion

The Labs team were well aware of the domain switch where .com replaces .org but the new cybersquatters have been busy. Websense noticed an increase in October of cybercriminals registering large numbers of typo domains and has been tracking these down.

Elad Sharf, senior security researcher at Websense Security Labs, said, “Cybercriminals are scary-smart at enticing Christmas shoppers to unwanted sites. Whilst this looks like a consumer problem, typosquatting also puts company confidential data at risk as many employees shop from work computers at lunchtime.”

Of course, this provides an opening for Websense to sell its email and Web security services to try to trap the badly typed URL before any damage can be done. It’s easy to tell people to type with caution but mistakes always happen.

In my father’s day, the conmen used physical products with similar sounding names. Today, his son is faced with a similar challenge from Websites. Everything changes but essentially stays the same

As Sharf finished with his pitch for why people should choose Websense’s improved services: “That way you can stay safe no matter how bad a tyspist yu aree.”