Here at FairWinds, we are all too familiar with the threats that typosquatting poses to brands in terms of diverting or stealing customers; exposing those customers to scams or malware; diluting brand image; and other potentially harmful activities. But a recent article in Wired describes a new level of typosquatting malfeasance. Researchers built a program that used typographic variations of major companies’ domain names to set up email servers, and collected over 20 gigabytes of misaddressed email over a period of six months.
The intercepted emails were all addressed to what the researchers labeled “doppelganger domains,” named as such because they closely resemble the target domains, with only slight typographic variations. The emails revealed information like employee usernames and passwords; legal documents; trade secrets; and even highly sensitive network information that could easily be exploited by hackers.
The research revealed that as many as 151 of the Fortune 500 could be vulnerable to this type of email-grabbing scheme. Many “doppelganger domains” of the largest U.S. companies have been registered by parties in China, perhaps for corporate spying purposes. In addition to stealing information, cyber criminals could also use these typo domains to stage man-in-the-middle attacks on two companies that are corresponding.
And as is the case with other manifestations of typosquatting, the researchers concluded that companies can avoid this type of scheme by proactively registering and reclaiming typo (or “doppelganger”) domains.
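As an added illustration of the defensive step the researchers recommend (this is example code, not FairWinds’ own tooling), the following Python generates the single-typo “doppelganger” variants of a domain so a brand owner can decide which to register or watch, and screens outgoing recipient addresses against that list. The domains and addresses used are constructed for the example.

```python
# Added example: enumerate doppelganger variants of a domain and screen
# outbound recipient addresses against them. Not code from the original post.

def _valid_host(host: str) -> bool:
    """Reject variants with empty labels (e.g. 'us..example.com')."""
    return all(label for label in host.split("."))


def doppelganger_variants(domain: str) -> set[str]:
    """Single-edit typo variants of a domain such as 'example.com' or 'us.example.com'.

    Caveat: the TLD is taken to be the last label only, so multi-label suffixes
    such as '.co.uk' are not treated specially.
    """
    name, _, tld = domain.lower().rpartition(".")
    variants: set[str] = set()
    # One character omitted: 'exmple.com'; omitting a dot gives 'usexample.com'
    for i in range(len(name)):
        variants.add(name[:i] + name[i + 1:] + "." + tld)
    # Two adjacent characters transposed: 'exmaple.com'
    for i in range(len(name) - 1):
        variants.add(name[:i] + name[i + 1] + name[i] + name[i + 2:] + "." + tld)
    # One character doubled: 'exaample.com'
    for i in range(len(name)):
        variants.add(name[:i + 1] + name[i] + name[i + 1:] + "." + tld)
    variants.discard(domain.lower())
    return {v for v in variants if _valid_host(v)}


def screen_recipients(recipients, protected_domains):
    """Return (address, protected_domain) pairs whose recipient domain is a
    typo variant of one of the protected domains, i.e. mail that would be
    delivered to a doppelganger rather than the intended company."""
    watch = {v: d for d in protected_domains for v in doppelganger_variants(d)}
    flagged = []
    for addr in recipients:
        _, _, dom = addr.lower().rpartition("@")
        if dom in watch:
            flagged.append((addr, watch[dom]))
    return flagged


if __name__ == "__main__":
    # Constructed sample: one address is bound for a transposed-letter domain.
    sample = ["alice@example.com", "bob@exmaple.com", "carol@other.org"]
    print(screen_recipients(sample, ["example.com"]))
```

Running the generated list through a WHOIS or MX lookup shows which variants are already registered by someone else and which are still available to reclaim.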
Everyone knows Facebook is more or less taking over the world (or at least trying). As its number of users climbs into the hundreds of millions and its content and functionality continues to expand, people are spending more and more time on the site. Users increasingly turn to Facebook for news, entertainment and, of course, communication.
One unexpected area where the “Facebook effect” is evident is the traffic to popular email domain names Gmail.com and Hotmail.com. According to Quantcast, the traffic to each has plummeted since June 2007. Take a look at the graphs below:
Of course, Facebook’s popularity alone doesn’t explain this drop in traffic. For example, smartphone users can configure their mobile phones to receive email, and so users increasingly rely on mobile phones to check their Gmail and Hotmail accounts, rather than visiting the Gmail.com and Hotmail.com websites directly. But you can’t argue that Facebook doesn’t have some hand in this trend. Facebook is fundamentally altering the way people – especially young people – communicate.
With the ability to send public or private messages, chat via an instant messenger, and comment on literally everything, Facebook easily fulfills a variety of communication wants and needs. Instead of relying on email to say “Hi” to an old friend, congratulate someone on a new job or an engagement, or wish a friend a happy birthday, Facebook provides a venue for such communications. And if the site actually does develop its own email system, as has been rumored, we could start to see an even larger shift away from traditional email… be assured it will be something many people will adopt and “Like” very much.
We received an email recently to the company’s general contact address from a sender posing as the Center for Disease Control. The email stated that the reader needed to complete a personal H1N1 Vaccination Profile on the CDC’s Web site, regardless of whether or not he or she had been vaccinated, because that profile would be used for a “registering system” of who had and had not been vaccinated. A link that supposedly led to the CDC Web site where the reader could create his or her profile was included at the bottom of the page.
To a trained eye, it is clear that the email was a phishing scam. Instead of the CDC Web site, the link actually led to online.cdc.gov.yhnbam.im. The “online.cdc.gov” portion is only a subdomain; the domain actually being visited is yhnbam.im, and .IM is the ccTLD for the Isle of Man, a small British Crown dependency located in the Irish Sea between the United Kingdom and Ireland. The site had been set up to trick Internet users into disclosing personal and financial information, which the site owner then steals.
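The trick in that link is that the trustworthy-looking labels sit to the left of the attacker’s real domain. The following Python, added here as an example and not part of the original post, extracts the registrable domain from a URL and flags links where a protected domain such as cdc.gov appears only as a leading subdomain; the protected-domain list is a constructed placeholder.

```python
# Added example: spot lookalike hosts where a trusted domain is embedded as a
# subdomain of an unrelated domain, as in online.cdc.gov.yhnbam.im.
from urllib.parse import urlsplit

# Constructed list of brand domains we want to protect.
PROTECTED = {"cdc.gov"}


def registrable_domain(host: str) -> str:
    """Naive registrable domain: the last two labels of the hostname.

    Caveat: this does not consult the Public Suffix List, so a host under a
    multi-label suffix such as 'example.co.uk' would come back as 'co.uk'.
    Use a PSL-aware library for production checks.
    """
    labels = host.lower().rstrip(".").split(".")
    return ".".join(labels[-2:])


def classify_link(url: str, protected=PROTECTED) -> str:
    """Return 'trusted', 'lookalike:<real domain>' or 'external:<domain>'."""
    if "://" not in url:
        url = "//" + url  # let urlsplit parse a scheme-less URL as a network location
    host = (urlsplit(url).hostname or "").lower()
    real = registrable_domain(host)
    if real in protected:
        return "trusted"
    for brand in protected:
        # '.online.cdc.gov.yhnbam.im' contains '.cdc.gov.' as interior labels,
        # so the brand name is present but is not the registrable domain.
        if ("." + brand + ".") in ("." + host):
            return f"lookalike:{real}"
    return f"external:{real}"


if __name__ == "__main__":
    for link in ("http://online.cdc.gov.yhnbam.im/profile",
                 "https://www.cdc.gov/h1n1/",
                 "https://example.org/"):
        print(link, "->", classify_link(link))
```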
I tried to follow the link to see just what kind of information the site was trying to obtain, but was instead greeted by a warning message that said, “This web site at online.cdc.gov.yhnbam.im has been reported as a web forgery and has been blocked based on your security preferences.”
Phishing has been and remains a very serious and dangerous problem online. What is truly despicable is how phishers exploit the public’s concern over issues in order to dupe them into handing over information. H1N1 remains a very worrisome and serious issue, especially here in the U.S.; for cybercriminals to take advantage of people’s distress or fear is abhorrently opportunistic.
Be on the lookout if you receive this email. The sender appears as the CDC with the address info@cdcmails.com, so it may seem legitimate at first, but it is indeed a scam.