
Typosquatting

John Moe Sep 13, 2011

That’s the term for a security risk resulting from mis-typed email addresses.

The BBC explains the scam this way:

a large American financial group may take bank.com as its corporate home but internally use us.bank.com for staff email. Usually, if an address is typed with one of the dots missing, ie usbank.com, then the message is returned to its sender. But by setting up similar doppelganger domains, the researchers were able to receive messages that would otherwise be bounced back.

Researchers Peter Kim and Garrett Gee bought 30 domain names similar to subdomains used by Fortune 500 companies. Six months later, they had over 120,000 emails and over 20 GB of data at their disposal.

Here are a few examples of what Kim and Gee found, according to the Naked Security Blog:

Passwords for an IT firm’s external Cisco routers

Precise details of the contents of a large oil company’s oil tankers

VPN details and passwords for a system managing road tollways

And all this is just by buying domain names. Real, villainous typosquatters would probably run a “man in the middle” scam, where they would forward your message to the correct recipient after grabbing your email’s contents, leading you and everyone to believe that you can safely send more email to the wrong address.
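A defender-side check for the missing-dot pattern the BBC describes above, as an added example that is not part of the original post: it derives the doppelganger domain for each internal mail subdomain and flags outbound recipients that would land on it. The recipient list is constructed sample data, the domain names follow the BBC's bank.com illustration, and the function names are hypothetical.

```python
def doppelganger_domain(fqdn, registrable):
    """Domain produced when the dot before the registered domain is dropped.

    us.bank.com -> usbank.com. Only that dot matters: dropping any other dot
    (mailus.bank.com) still resolves inside the organisation's own domain.
    """
    fqdn = fqdn.lower().rstrip(".")
    registrable = registrable.lower().rstrip(".")
    suffix = "." + registrable
    sub = fqdn[: -len(suffix)] if fqdn.endswith(suffix) else ""
    if not sub:
        raise ValueError(f"{fqdn!r} is not a subdomain of {registrable!r}")
    return sub.split(".")[-1] + registrable


def flag_misdirected(recipients, internal_domains, registrable):
    """Return (address, intended_domain) for mail bound for a doppelganger."""
    risky = {doppelganger_domain(d, registrable): d for d in internal_domains}
    findings = []
    for addr in recipients:
        domain = addr.rsplit("@", 1)[-1].lower().rstrip(".")
        for bad, intended in risky.items():
            # A look-alike domain can accept mail for any host beneath it,
            # so match its subdomains as well as the bare domain.
            if domain == bad or domain.endswith("." + bad):
                findings.append((addr, intended))
    return findings


# Constructed sample data, following the BBC's bank.com illustration.
INTERNAL = ["us.bank.com"]
OUTBOUND = [
    "alice@us.bank.com",       # correct address
    "bob@usbank.com",          # missing dot
    "carol@mail.usbank.com",   # host under the look-alike domain
    "dave@bank.com",           # corporate home, fine
    "erin@notusbank.com",      # unrelated domain, must not match
]

if __name__ == "__main__":
    for addr, intended in flag_misdirected(OUTBOUND, INTERNAL, "bank.com"):
        print(f"{addr}: probably meant @{intended}")
```

The same derived list can feed an outbound mail rule or a defensive-registration list for the organisation's own subdomains.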
