Threat Intelligence Blog

Posted October 10, 2013

In Tuesday’s blog post we discussed what bitsquatting is and how it happens. But how can bitsquatted domain names actually be used, and how can you protect your organization?

Here are just a few examples of the ways fraudsters can exploit a domain name that takes advantage of bit-flipping:

  • Set up a rogue “update server” that sends a malicious version of a mobile app, patch or OS update to devices that auto-check for updates
  • Set up a drive-by install of malware that could infect older or unpatched versions of a particular system, potentially giving someone a backdoor into each infected system or a way to log keystrokes or steal data
  • Set up a classic “phishing page” such as a spoofed copy of a well-known banking or ecommerce website

What can you do to protect your organization and customers?

The good news is that this is a relatively simple, inexpensive risk to mitigate. Here are four simple steps you can take to address your risk:

  1. Identify potential bitsquatted domain names: scripts are available online to do so, or qualified organizations can request a list from Cyveillance
  2. Register all potential bitsquatted domain names that are available, typically for a total cost of a few hundred dollars
  3. Identify any bitsquatted domain names already registered, find out if they are live, and how they are being used
  4. Initiate shutdown and/or recovery procedures against bitsquatted domain names being improperly owned or used by another party
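
Step 1 can be scripted in-house. The following is an added example, not code from the original post or from Cyveillance: it lists every name that is one flipped bit away from a domain's registrable label, so the list can be checked for availability (step 2) and for existing registrations (step 3). The function name and the sample domain `example.com` are assumptions, and only the label left of the first dot is varied.

```python
import string

# Characters allowed in a DNS hostname label (case-insensitive).
ALLOWED = set(string.ascii_lowercase + string.digits + "-")


def bitsquat_candidates(domain):
    """Return the sorted names that differ from `domain` by a single
    flipped bit in its first label and are still valid hostnames.

    Assumption: `domain` is a registrable name such as 'example.com' or
    'example.co.uk'; everything after the first dot is kept unchanged.
    """
    label, _, suffix = domain.lower().partition(".")
    if not label or not suffix:
        raise ValueError("expected a name like 'example.com'")

    found = set()
    for pos, ch in enumerate(label):
        for bit in range(8):
            # Flip one bit of this character; DNS ignores case, so fold it.
            flipped = chr(ord(ch) ^ (1 << bit)).lower()
            if flipped not in ALLOWED:
                continue  # result is not a legal hostname character
            candidate = label[:pos] + flipped + label[pos + 1:]
            if candidate == label:
                continue  # only the case bit changed: same domain
            if candidate.startswith("-") or candidate.endswith("-"):
                continue  # labels may not begin or end with a hyphen
            found.add(candidate + "." + suffix)
    return sorted(found)


if __name__ == "__main__":
    # Constructed sample input; replace with your own domain.
    for name in bitsquat_candidates("example.com"):
        print(name)
```

Run the output through your registrar's availability check and a DNS lookup to separate the names you can still register from those already held by someone else.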

Most of these simple steps can be done in-house, or contact us to find out how we can assist you. To learn more on this topic, view our on-demand webcast.
