Typosquatting and Doppelganger domains

A whitepaper released earlier this week by GodaiGroup’s Garrett Gee & Peter Kim investigates issues around domain name similarities and typos. I do recommend the read, as the paper contains noteworthy information, but I believe that most InfoSec professionals will find the facts and takeaways rather boring. It has been a topic of discussions and presentations at security events in the past, as recently as a few months ago at a SASIG event in London. If I were to summarize the findings, it would come down to this: people are careless and may do things that put their own and others’ information at risk. Now, this is not particularly creative or new and, so I hope, is already on the risk radar of most organisations.

Contrary to some of the conclusions the press seem to have arrived at, I don’t think the large corporations mentioned in the report fail to realize this is a problem; rather, they have made a risk-based decision not to throw money at fighting stupidity, to accept the chance of limited data leakage, and to invest those resources in tackling other priorities. And while I enjoy snickering at the expense of others at times, headlines like Wired’s “Researchers’ Typosquatting Stole 20 GB of E-Mail From Fortune 500” are overly dramatic. A story shared by the UK Information Commissioner Christopher Graham earlier this week at an ISSA-UK event (involving patient data, the immense challenge of faxing documents to the correct number, and careless staff) was a timely reminder that the problem is not technology and is unlikely to be solved by more technology.

That said, if you have not included this situation in your brand protection program or identified it as a noticeable risk to your organisation, there are always professional services like MarkMonitor ready to assist.