Internet sites are preying on mistyped web addresses, says McAfee
1 min read
Questionable third-party domain registrations are targeting misspelled business and consumer web domain names, according to research by McAfee.
Its report ‘What’s In A Name: The State of Typo-Squatting 2007’, highlights a dangerous cyber practice dubbed typo squatting. It exposes how typo-squatters register domains using common misspellings of popular brands, products and people in order to redirect consumers to alternative web sites.
These generate click-through advertising revenues, lure unsuspecting consumers into scams and harvest email addresses to flood users with unwanted email. To quantify the scope of the study, McAfee reviewed 1.9 million variations of 2,771 of the most popular domain names.
“Typo-squatting illustrates the Wild West mentality that remains dominant in major portions of the Internet,” says Jeff Green, senior vice president of McAfee Avert Labs. “Even at its most benign, this practice takes consumers to places they never intended and penalises legitimate businesses by siphoning customers away, or making them pay a charge to re-acquire customers. At its worst, typo-squatting leads to online scams, ‘get-rich-quick’ offers and other risks.”
The study cites the iPhone mania as a recent example of typo-squatting, noting that even though Apple’s new phone appeared on the market just a few months ago, there will be at least 8,000 URLs using the name ‘iPhone’ by the end of this year. Some will be fan sites or rumour sites, while others will be run by hackers and scammers. What most have in common is that they have no affiliation with Apple.
The five most highly squatted categories are: game sites (14% likelihood of being squatted) such as miniclip.com, runescape.com and minijuegos.com; airline sites (11.4% likelihood); mainstream media sites (10.8%); dating sites (10.2%); and technology and Web 2.0-related sites (9.6%).
McAfee SiteAdvisor, the advance warning protection safe search and surf tool, assigns a yellow caution rating to sites that triggers its typo-squatting criteria. Higher risk sites get a red warning label, while for explicitly dangerous sites documented to cause exploits or phishing attacks, McAfee redirects the user to a safe online location.
Users can download McAfee SiteAdvisor free of charge at http://us.mcafee.com.
