Misspelling goes criminal with typosquatting
Inaccurate spelling means more than poor marks at school; it is a billion-dollar business opportunity for typosquatters. At a single IP address, the AVAST Virus Lab has identified 8,600 typosquatting sites, which are registered variations of well-known sites or brands. Two identifiable targets were the Craigslist online classified ad service and YouTube; other site addresses were parodies of Hotmail, Google, and YouTube – basically everyone.
After going to one of the identified typosquatting sites, visitors are redirected to one of several hundred “quiz” sites where they receive an offer of a “free” prize such as an iPhone. The sites typically make money through premium phone calls, selling advertisements, and reselling the emails collected from visitors.
Spelling errors are a huge moneymaker on the internet. A Harvard research paper estimated that a major search engine alone could be making nearly half a billion dollars annually just on pay-per-click ads from typosquatting sites. Add in the other search engines and the revenue from the sites identified by AVAST, and typosquatting could easily be a billion-dollar market.
“It is not technically malware, but it is online fraud and features like AutoCorrect in Microsoft Word have really let people get lazy with their spelling,” pointed out Jindrich Kubec, head of the AVAST Virus Lab. “The popularity of Craigslist with this one gang gives us a great sample set to demonstrate the types of spelling errors the bad guys are looking for.”
The Craigslist typosquatting focused on three basic spelling errors:
1. Reversed/omitted letters - indianapolis.criagslist.org
2. Wrong address format - craigslistpittsburgh.org
Craigslist places the city name first, followed by “.craigslist.org”
3. Wrong top level domain - craigslistaustin.com
Craigslist, at least within the United States, uses the “org” top level domain, not the much more common “com”. Other countries use their own national code such as jp for Japan.
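The three patterns above can be checked mechanically. The following is an added example, not AVAST's detection logic or code from the original article: it classifies a hostname against the Craigslist naming scheme. The function names, the `allowed_tlds` parameter, and the simplification that the registrable name is the last two labels are assumptions; add national codes such as `jp` to `allowed_tlds` where they apply.

```python
# Added example: classify a hostname against the three typo patterns
# described in the article. Not AVAST's detection logic.

def reversed_or_omitted(label, brand):
    """True if label is brand with two adjacent letters swapped or one letter dropped."""
    if len(label) == len(brand):
        diff = [i for i in range(len(brand)) if label[i] != brand[i]]
        return (len(diff) == 2 and diff[1] == diff[0] + 1
                and label[diff[0]] == brand[diff[1]]
                and label[diff[1]] == brand[diff[0]])
    if len(label) == len(brand) - 1:
        return any(brand[:i] + brand[i + 1:] == label for i in range(len(brand)))
    return False

def classify(host, brand="craigslist", allowed_tlds=("org",)):
    """Return the matching typo pattern, or None if the host looks legitimate or unrelated."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return None
    # Assumption: the registrable name is the last two labels (no public-suffix handling).
    name, tld = labels[-2], labels[-1]
    if reversed_or_omitted(name, brand):
        return "reversed/omitted letters"
    if brand in name:
        if tld not in allowed_tlds:
            return "wrong top level domain"
        if name != brand:
            return "wrong address format"
    return None

if __name__ == "__main__":
    samples = [
        "indianapolis.criagslist.org",   # from the article
        "craigslistpittsburgh.org",      # from the article
        "craigslistaustin.com",          # from the article
        "austin.craigslist.org",         # constructed: city first, then .craigslist.org
        "cragslist.org",                 # constructed: omitted letter
    ]
    for host in samples:
        print(f"{host:32} {classify(host) or 'ok'}")
```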
Keeping safe from typosquatting depends on the individual user, with assistance from their antivirus program and search engine. “We block known typo and ‘quiz’ sites – several hundreds of them – so this is a big start,” explains Mr. Kubec. Beyond error-free typing, here are three tips for keeping safe from typosquatters that your English teacher never mentioned:
1. Know the correct address and domain before you start typing.
2. Go to sites through a search engine such as Bing or Google. This can reduce – but does not eliminate – the risk from a typo.
3. Think before you click or call – if you are offered a free iPod, maybe it’s not so free.