Intelligence: Wrong Number, Right Idea

Archives

August 18, 2008: A new intelligence collecting technique has been discovered, and it's called typosquatting. It works like this. You go out and register domain names that are misspelled versions of famous ones,like lockheeedmartin.com (adding a third "e"). The real URL of the largest defense contractor in the United States islockheedmartin.com. But here's the intel angle. You don't put up a website using the misspelled address, you just turn on the email for that address. Thus if someone sending an email to [email protected] types in that extra "e", the typosquater gets the email, not the real [email protected]. The first example of this was uncovered being used by someone in China. No doubt, intel agencies all over the world are checking this out.

In the past, people registered mispelled domain names for the purpose of putting up a page full of ads, and getting the revenue when all those millions of bad spellers came for a visit. Some owners of the misspelled names put up sites that infected your computer if you came to visit, which was kind of a public service in that encouraged people to be more careful with their spelling. The typosquatting is, however, basically an intel collection operation. Own enough of these bad addresses, and you can collect all manner of useful, and normally confidential, information. Corporate spies like this, but government spies like it even more.

 

X

ad

Help Keep Us From Drying Up

We need your help! Our subscription base has slowly been dwindling.

Each month we count on your contribute. You can support us in the following ways:

  1. Make sure you spread the word about us. Two ways to do that are to like us on Facebook and follow us on Twitter.
  2. Subscribe to our daily newsletter. We’ll send the news to your email box, and you don’t have to come to the site unless you want to read columns or see photos.
  3. You can contribute to the health of StrategyPage.
Subscribe   contribute   Close