[Reading time - 1 minute 59 seconds]
Everyone makes a mistake typing every now and then. What's the worst that can happen? If you're in a word processor, you may get that red squiggly line that shows a misspelled word. However, if you make a mistake while entering a uniform resource locator (URL) address in a web browser, like omitting the "o" in ".com," the results can be much more serious.
When a user makes a typing error when entering a URL address in a web browser, such as typing "goggle.com" (a misspelling) or "google.net" (incorrect domain) instead of the correct "google.com," you often are directed to a fake look-alike site filled with ads for which the attacker receives money for traffic generated to the site or to a phishing site asking for your personal information. These fake sites exist because attackers purchase the domain names of sites that are spelled similarly to actual sites. This is called URL hijacking or typo squatting. A well-known site like google.com may have to deal with more than 1000 typo squatting domains. The cost of typo squatting is significant because of the large number of misspellings. In one month the typo squatting site goggle.com received almost 825,000 unique visitors. It is estimated that typo squatting costs the 250 top websites $285 million annually in lost sales and other expenses.
Recently security researchers have found that a common typo--omitting the "o" in ".com" that results in ".cm"--can have serious consequences. That's because an attacker has registered almost one thousand domains of high traffic web sites with ".cm" (the ".com" is of course already registered by the legitimate site). Examples of these typo squatting domains are ford.cm, nike.cm, cnbc.cm, and southwest.cm. And all of these sites are all hosted on the same Internet address (22.214.171.124), and appear to be registered by a convicted felon who has been successfully sued by several large media companies for spamming.
Users who omit the "omit the o" will be directed to a .cm site that could download malware onto their computer. Or the user could simply receive the error message "HTTP Error 404 Not Found." The security researchers note that links generated off these domains tend to only work one time, so if you revisit the site it will say that it's not found. Why? Evidently this is to prevent security researchers from looking at the malware to analyze it.
How Can You Protect Yourself?
If you own a .com domain name and you discover that it has a fake .cm domain, you can submit a complaint to the World Intellectual Property Organization (WIPO). If you can show that the fake registered domain name is identical or “confusingly similar” to a trademark, and that the registrant has no legitimate interest in the domain name, and that the domain name is being used in bad faith, then that fake domain name can be taken away.
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.