In Tuesday’s blog post we discussed what bitsquatting is and how it happens. But how can bitsquatted domain names actually be used, and how can you protect your organization?
Here are just a few examples of the ways fraudsters can exploit a domain name that takes advantage of bit-flipping:
- Set up a rogue “update server” that sends a malicious version of a mobile app, patch or OS update to devices that auto-check for updates
- Set up a drive-by install of malware that could infect older or unpatched versions of a particular system, potentially giving someone a backdoor into each infected system or the ability to log keystrokes or steal data
- Set up a classic “phishing page” such as a spoofed copy of a well-known banking or ecommerce website
What can you do to protect your organization and customers?
The good news is that this is a relatively simple, inexpensive risk to mitigate. Here are four simple steps you can take to address your risk:
- Identify potential bitsquatted domain names: scripts are available online to do so, or qualified organizations can request a list from Cyveillance
- Register all potential bitsquatted domain names that are available, typically for a total cost of a few hundred dollars
- Identify any bitsquatted domain names already registered, find out if they are live, and how they are being used
- Initiate shutdown and/or recovery procedures against bitsquatted domain names being improperly owned or used by another party
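
One way to carry out the first step above, as an added example (not code from the original post or from Cyveillance): it lists every valid hostname that differs by a single flipped bit from the leftmost label of a domain you own, so the results can be checked for availability or existing registration. The function name and the choice to vary only the leftmost label are assumptions of this example.

```python
import string

# Characters allowed in a DNS hostname label (letters, digits, hyphen).
LDH = set(string.ascii_lowercase + string.digits + "-")


def bitsquat_candidates(domain):
    """Return sorted single-bit-flip variants of the leftmost label of `domain`.

    Assumption: only the leftmost label (e.g. "example" in "example.com")
    is varied; the rest of the name is kept unchanged.
    """
    label, _, suffix = domain.lower().partition(".")
    if not label or not suffix:
        raise ValueError("expected a name like 'example.com'")
    variants = set()
    for pos, byte in enumerate(label.encode("ascii")):
        for bit in range(8):
            # Flip one bit; DNS ignores case, so fold the result to lowercase.
            flipped = chr(byte ^ (1 << bit)).lower()
            if flipped not in LDH:
                continue  # result is not a legal hostname character
            candidate = label[:pos] + flipped + label[pos + 1:]
            # Labels may not start or end with a hyphen.
            if candidate.startswith("-") or candidate.endswith("-"):
                continue
            if candidate != label:  # a case-only flip is the same domain
                variants.add(candidate + "." + suffix)
    return sorted(variants)


if __name__ == "__main__":
    # "example.com" is a constructed sample; substitute your own domain.
    for name in bitsquat_candidates("example.com"):
        print(name)
```

The output is the candidate list for steps two and three: names that are unregistered can be registered, and names that already resolve can be reviewed for how they are being used.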