A Smörgåsbord of Typos: Exploring International Keyboard Layout Typosquatting

2019 IEEE Security and Privacy Workshops (SPW) Pub Date : 2019-05-19 DOI:10.1109/SPW.2019.00043

V. Pochat, Tom van Goethem, W. Joosen

{"title":"A Smörgåsbord of Typos: Exploring International Keyboard Layout Typosquatting","authors":"V. Pochat, Tom van Goethem, W. Joosen","doi":"10.1109/SPW.2019.00043","DOIUrl":null,"url":null,"abstract":"Typosquatting is the malicious practice of registering domains that result from typos made when users try to visit popular domains. Previous works have only considered the US English keyboard layout, but of course other layouts are widely used around the world. In this paper, we uncover how typosquatters are also targeting communities that use these other layouts by examining typo domains on non-US English keyboards for 100 000 popular domains. We find that German users are the most targeted, with over 15 000 registered typo domains. Companies such as Equifax and Amazon have defensively registered such domains but are often incomplete; moreover, other major companies ignore them altogether and allow malicious actors to capitalize on their brand. Parking domains or advertising them for sale remains the most popular monetization strategy of squatters on at least 40% of registered domains, but we also see more harmful practices, such as a scam website that spoofs a local newspaper. This proves that domain squatters also consider typos on non-US English keyboards to be valuable, and that companies should be more alert in claiming these domains.","PeriodicalId":125351,"journal":{"name":"2019 IEEE Security and Privacy Workshops (SPW)","volume":"96 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-05-19","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"8","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 IEEE Security and Privacy Workshops (SPW)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/SPW.2019.00043","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 8

Abstract

Typosquatting is the malicious practice of registering domains that result from typos made when users try to visit popular domains. Previous works have only considered the US English keyboard layout, but of course other layouts are widely used around the world. In this paper, we uncover how typosquatters are also targeting communities that use these other layouts by examining typo domains on non-US English keyboards for 100 000 popular domains. We find that German users are the most targeted, with over 15 000 registered typo domains. Companies such as Equifax and Amazon have defensively registered such domains but are often incomplete; moreover, other major companies ignore them altogether and allow malicious actors to capitalize on their brand. Parking domains or advertising them for sale remains the most popular monetization strategy of squatters on at least 40% of registered domains, but we also see more harmful practices, such as a scam website that spoofs a local newspaper. This proves that domain squatters also consider typos on non-US English keyboards to be valuable, and that companies should be more alert in claiming these domains.

查看原文

微信好友朋友圈 QQ好友复制链接

本刊更多论文

打字错误的Smörgåsbord:探索国际键盘布局排字

typposquatting是一种恶意注册域名的行为，这种行为是由于用户试图访问热门域名时出现的拼写错误而导致的。以前的作品只考虑了美式英语键盘布局，当然其他布局在世界各地都被广泛使用。在本文中，我们发现typposquatters如何通过检查非美国英语键盘上的10万个流行域名的typo域来瞄准使用这些其他布局的社区。我们发现德国用户是最有针对性的，有超过15000个注册的typo域名。Equifax和亚马逊等公司已经防御性地注册了这类域名，但往往不完整;此外，其他大公司完全忽略了它们，并允许恶意行为者利用它们的品牌。在至少40%的已注册域名中，停放域名或打广告出售域名仍然是抢注者最流行的盈利策略，但我们也看到了更多有害的做法，比如一个欺骗当地报纸的诈骗网站。这证明，域名抢注者也认为非美国英语键盘上的错别字很有价值，企业在申请这些域名时应更加警惕。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文去求助

来源期刊

2019 IEEE Security and Privacy Workshops (SPW)

自引率

0.00%

发文量