That’s the term for a security risk resulting from mis-typed email addresses.
a large American financial group may take bank.com as its corporate home but internally use us.bank.com for staff email. Usually, if an address is typed with one of the dots missing, ie usbank.com, then the message is returned to its sender.But by setting up similar doppelganger domains, the researchers were able to receive messages that would otherwise be bounced back.
Researchers Peter Kim and Garrett Gee bought 30 domain names similar to subdomains used by Fortune 500 companies. Six months later, they had over 120,000 emails and over 20 GB of data at their disposal.
Here are a few examples of what Kim and Gee found, according to the Naked Security Blog:
Passwords for an IT firm’s external Cisco routers
Precise details of the contents of a large oil company’s oil tankers
VPN details and passwords for a system managing road tollways
And all this is just by buying domain names. Real, villainous typosquatters would probably run a “man in the middle” scam, where they would forward your message to the correct recipient after grabbing your email’s contents, leading you and everyone to believe that you can safely send more email to the wrong address.
There’s a lot happening in the world. Through it all, Marketplace is here for you.
You rely on Marketplace to break down the world’s events and tell you how it affects you in a fact-based, approachable way. We rely on your financial support to keep making that possible.
Your donation today powers the independent journalism that you rely on. For just $5/month, you can help sustain Marketplace so we can keep reporting on the things that matter to you.