Home / News

Typosquatted Domain Names Pose Plenty of Risk But Surprisingly Little Malware

A recent study took an in-depth look at the scale and the risk of domain name typosquatting — the practice of registering mis-spellings of popular domain names in an attempt to profit from typing mistakes. "Applying every possible one-character typo to the domain names of Facebook, Google, Twitter, Microsoft, Apple and Sophos," Paul Ducklin, Sophos' Asia Pacific head of technology collected HTTP data and browser screenshots from 1502 web sites and 14,495 URLs.

Ducklin wrote: "We recently surveyed a batch of lost USB keys bought from a transit authority's Lost Property auction; we hoped that the infection rate would be about 10%, but found that 66% of the keys in our study were infected. So we naively assumed that typosquat sites would be similarly incautious (either by accident or design) about malware. But out of 14,495 URLs downloaded in browsing to the 1502 sites on our list, only one contained malware. That's just 0.01% by URL, and 0.07% by fully-qualified domain name."

In his report, Ducklin analyses the data revealing unexpected results and harmful aspects of the typosquatting ecosystem.

Related topics: Cybersquatting, Domain Names, Malware, Security

 
   
WEEKLY WRAP — Get CircleID's Weekly Summary Report by Email:

Comments

A more meaningful conclusion Eric Brunner-Williams  –  Dec 20, 2011 11:26 AM PST

The study also found that DoubleClick (Google) had a revenue relation with 37% of the study sites. The distribution of its competitors in the PPC universe was discovered in the study site sample unfortunately not stated.

To post comments, please login or create an account.

Related Blogs

Related News

Explore Topics

Industry Updates – Sponsored Posts

2015 Trends: Multi-channel, Streaming Media and the Growth of Fraud

Priority Access Program for Verisign's First IDN New gTLD, .コム

Minds + Machines Group Expands Into Chinese Market

New .PET Domain Sunrise Period Begins January 19

.CO Hits 2 Million Domains as Premium Sales Surge

Neustar's Career Site Launched Under Its Own Branded TLD: 'careers.neustar'

Data Volumes and Network Stress to Be Top IoT Concerns

DKIM for ESPs: The Struggle of Living Up to the Ideal

Radix Closes Holiday Sales With Over 35K Paid Registrations

Radix's .ONLINE Fastest to Sell 100,000 Domains

.PRO Domains Now Available to All

Verisign Mitigates More Attack Activity in Q3 2015 Than Any Other Quarter During Last Two Years

Verisign & Forrester Webinar: Defending Against Cyber Threats in Complex Hybrid-Cloud Environments

LogicBoxes Announces Pioneer Registrar Program

Introducing Verisign Public DNS: A Free Recursive DNS Service That Respects Your Privacy

Faster DDoS Mitigation - Introducing Verisign OpenHybrid Customer Activated Mitigation

City of Miami 3rd in U.S. to Launch Dedicated TLD

Internet Grows to 296 Million Domain Names in Q2 2015

.Online Becomes the Fastest TLD to Sell 50,000 Domains

Verisign's Q2'15 DDoS Trends: DDoS for Bitcoin Increasingly Targets Financial Industry

Sponsored Topics