CircleID

During the Black Hat DC 2008 security conference, security researchers urged companies and political organizations to put more effort into registering mis-typed versions of their primary domain names. In addition to protecting visitors to websites, this is also to prevent emails from accidentally leaking out (also see this related CircleID post by Aviram Jenik).

As part of an investigation, researchers from Symantec registered 124 domains consisting of common misspellings of the primary domains of candidates in the U.S. presidential election. As reported, in a strictly controlled experiment, a mail server was used to count the number of email messages sent to the misspelled domains, finding 1,121 connection attempts from 12 distinct IP addresses in a 24-hour period.

Read full story: SecurityFocus

Related topics: Cybercrime, Cybersquatting, DNS, Domain Names, Email, Law, Security