A Smörgåsbord of Typos: Exploring International Keyboard Layout Typosquatting

Victor Le Pochat, Tom Van Goethem, Wouter Joosen

Presented at 4th International Workshop on Traffic Measurements for Cybersecurity (WTMC 2019)

Typosquatting is the malicious practice of registering domains that result from typos made when users try to visit popular domains. Previous works have only considered the US English keyboard layout, but of course other layouts are widely used around the world. In this paper, we uncover how typosquatters are also targeting communities that use these other layouts by examining typo domains on non-US English keyboards for 100,000 popular domains. We find that German users are the most targeted, with over 15,000 registered typo domains. Companies such as Equifax and Amazon have defensively registered such domains but are often incomplete; moreover, other major companies ignore them altogether and allow malicious actors to capitalize on their brand. Parking domains or advertising them for sale remains the most popular monetization strategy of squatters on at least 40% of registered domains, but we also see more harmful practices, such as a scam website that spoofs a local newspaper. This proves that domain squatters also consider typos on non-US English keyboards to be valuable, and that companies should be more alert in claiming these domains.

Download paper Download slides

DOI: 10.1109/SPW.2019.00043


author = "{Le Pochat}, Victor and {Van Goethem}, Tom and Joosen, Wouter",
title = "A Smörgåsbord of Typos: Exploring International Keyboard Layout Typosquatting",
booktitle = {Proceedings of the 2019 IEEE Security and Privacy Workshops},
series = {SPW 2019},
year = 2019,
doi = {10.1109/SPW.2019.00043},
pages = {187--192},