Domain-name typosquatting attacks are increasing: Here’s how to secure your networks

Domain-name typosquatting attacks

When BlueCat combed through a sample of seven billion DNS queries, they discovered that some of the most queried top-level domains were misspelt variations of “.com”. This trend reveals that typosquatting attacks, also known as URL hijacking, is a growing phenomenon. 

Domain spoofing is not a new trend, although it has been growing considerably in the past year due in part to the expansion of the digital economy and people’s concerns about the pandemic. A study from a Domain Tools report revealed the presence of over 150,000 fake domains related to COVID-19

If businesses in supply chain and logistics are not careful, they could see their brand name damaged, the subject of lawsuits, and their website suffering from malware. 

What are the domain-name typosquatting attacks? 

Domain typosquatting is where hackers will poach a misspelt or alternate variation of a cyber domain. These variations could be a misspelling of the domain name or adding an extra dot before the “.com”.  

When users accidentally enter the wrong spelling of a domain name into the web browser. They will be redirected to a fraudulent web page that mirrors the legitimate website even though users have misspelt the domain name. Internet users are often unaware that they are browsing a fraudulent website. 

Why is it a concern?

URL hijacking is a growing concern because hackers will often use the fraudulent web page as a means to conduct nefarious cyber attacks. 

Hackers use the web page to spread malware, opening them up to cyberattacks, like phishing. Since users are not aware that they are on a fraudulent page, they volunteer information without realising it.

However, illegally obtaining personal information is just one of the uses of domain squatting. Those who created a web page can convert the incoming web traffic into money for the registrant by filling the site with ads and other money-making elements. 

URL hijacking is particularly problematic for many businesses because it undermines business credibility. It undermines the company’s reputation, adversely affecting their relationship with your customers. 

Furthermore, URL hijacking is a problem that is difficult to contain. A single domain name could have several misspelt variations that could be easily taken by unscrupulous third parties.  

How to prevent typosquatting attacks? 

Fortunately, there are several ways to tackle the problems of typosquatting and ensure that misspelt domain names do not redirect domain names to a different website. 

Here are some security measures that will reduce URL hijacking. 

Register your domain name with the relevant authorities. 

Register your brand name along with different domain variations with relevant bodies such as the Trademark Clearinghouse (TMCH). Registering your domain name ensures that unauthorised domain registrations used by typosquatters are blocked. 

Find and buy domain names 

Besides registering your brand name, you should also consider buying all alternate domain name spellings. Bringing these alterations under your control can ensure that your users do not fall for a phishing scam. Buying domain names can protect your business reputation and even prevent lawsuits in the future. 

Update relevant certification to secure your website 

In addition to registering your domain name, you should also secure your website.  SSL certification is a great way to signal that your site is a genuine one. It will ensure your users that you are working with the real website and not a fake alternative. 

Invest in domain fraud detection solutions

Invest in tools that can prevent URL hijacking; domain fraud detection solutions can help you find the misspelt variations of your domain name. The solution can identify illicit domain names by assessing certificates, locations, and emails. 

 Adapting security measures to prevent URL hijacking

URL hijacking is a growing problem and businesses need to re-examine their vendor infrastructure to make sure that their domain is kept safe from these types of attacks.

Third-party risk management solutions can give you better oversight over your attack surface and your internet assets. 

With a vendor risk management solution, you will be able to see if different variations of your domain name (even misspelt variations) are part of phishing schemes that steal customer data. 

Prudent assessment of your vendor infrastructure can help you protect your business reputation and your customers by reducing incidences of domain squatting.