Posted on September 12, 2011 by Jennifer Pointer

A pair of "researchers" named Peter King and Garrett Gee got a lot of free publicity last week for their information security partnership by publishing a white paper explaining how they had used Doppelganger domains and typosquatting techniques to steal 20 gigabytes (that's a lot) of data from employees of  Fortunate 500 Companies.


Doppelganger domains are those which leave out the "dot" between the subdomain and the main domain name, forming a new domain that might be typed by mistake.  For example, if my company was named "Stupid Ideas," and I had a division in my hypothetical organization called "unbelievably," our main domain might be (because believe it or not, someone already has, and then I might give the "unbelievably" division the sub-domain:  That's a lot to type, and it's quite possible that our employees or customers might accidentally leave out that first "dot," and instead type  Now, if my competition across town was clever (and not too concerned about the law or morality), they might take advantage of this, and purchase the domain, and intercept our communication. If that communication contained sensitive personal information or internal data like passwords, we would be in a cyber world of hurt.


So, that's what this company did.  They "typosquatted," these doppelganger domain names, which were subdomains of Fortune 500 companies without that "dot" between the subdomain and the domain, then intercepted their mis-typed emails.  There is no word yet on whether the companies are planning to press charges.  The whole stunt appears to have been a publicity stunt to gain notoriety for their online security firm.  They could quickly become infamous, rather than famous, however, if one or both of them ends up doing prison time over this.  Even assuming they thoroughly investigated the law in all 50 states and the other countries where these Fortune 500 countries have headquarters, and they are "technically" within the law, they might have to spend a lot of money in legal fees to prove they did not do anything illegal.


Meanwhile, what can you do to protect yourself against this type of cyber-theft?  Well choosing an easy-to-type domain name for your company, then buying the likely mis-typos as domain names is a good start.  You may not be in a position to do this, however, and it can be costly.    Also, the some of the variation of your domain name may already be owned by someone else.  Fortunately, this is also costly for your competition, so your chances of being the target of such an attack are still pretty low.


One way you, as an individual can reduce the number of typos in outgoing e-mail is to really use the auto-fill feature in your email address book.  As long as the address was typed correctly the first time (or, even better, was added to your address book as a "reply" to a previous email), you should never type that email address incorrectly again.



Share and Enjoy :

Want to work with us?
Get in touch

817.283.3324 Facebook LinkedIn Twitter