A Smörgåsbord of Typos: Exploring International Keyboard Layout Typosquatting
Victor Le Pochat, Tom Van Goethem, Wouter Joosen
Presented at 4th International Workshop on Traffic Measurements for Cybersecurity (WTMC 2019)
Distinguished Paper Award
Download paper Download slides
Typosquatting is the malicious practice of registering domains that result from typos made when users try to visit popular domains. Previous works have only considered the US English keyboard layout, but of course other layouts are widely used around the world. In this paper, we uncover how typosquatters are also targeting communities that use these other layouts by examining typo domains on non-US English keyboards for 100,000 popular domains. We find that German users are the most targeted, with over 15,000 registered typo domains. Companies such as Equifax and Amazon have defensively registered such domains but are often incomplete; moreover, other major companies ignore them altogether and allow malicious actors to capitalize on their brand. Parking domains or advertising them for sale remains the most popular monetization strategy of squatters on at least 40% of registered domains, but we also see more harmful practices, such as a scam website that spoofs a local newspaper. This proves that domain squatters also consider typos on non-US English keyboards to be valuable, and that companies should be more alert in claiming these domains.
BibTeX:
@inproceedings{LePochat2019smorgasbord,
author = {Le Pochat, Victor and Van Goethem, Tom and Joosen, Wouter},
title = {A Smörgåsbord of Typos: Exploring International Keyboard Layout Typosquatting},
booktitle = {2019 IEEE Security and Privacy Workshops},
series = {SPW '19},
year = 2019,
doi = {10.1109/SPW.2019.00043},
pages = {187--192},
}