Posted October 10, 2013
In Tuesday’s blog post we discussed what bitsquatting is and how it happens. But how can bitsquatted domain names actually be used, and how can you protect your organization?
Here are just a few examples of the ways fraudsters can exploit a domain name that takes advantage of bit-flipping:
- Set up a rogue “update server” that sends a malicious version of a mobile app, patch or OS update to devices that auto-check for updates
- Set up a drive-by install of malware that could infect older or unpatched versions of a particular system, potentially giving someone a backdoor into each infected system or the ability to log keystrokes or steal data
- Set up a classic “phishing page” such as a spoofed copy of a well-known banking or ecommerce website
What can you do to protect your organization and customers?
The good news is that this is a relatively simple, inexpensive risk to mitigate. Here are four simple steps you can take to address your risk:
- Identify potential bitsquatted domain names: scripts are available online to do so, or qualified organizations can request a list from Cyveillance
- Register all potential bitsquatted domain names that are available, typically for a total cost of a few hundred dollars
- Identify any bitsquatted domain names already registered, find out if they are live, and how they are being used
- Initiate shutdown and/or recovery procedures against bitsquatted domain names being improperly owned or used by another party
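
For the first step above, here is an added example (not from the original post or from Cyveillance) that lists every name one flipped bit away from a domain, so the candidates can be checked and defensively registered. It assumes a name of the form label.suffix and varies only the first label; `bitsquat_candidates` and `is_valid_label` are names chosen for this example, and `example.com` is a constructed sample.

```python
import string

# Letters, digits and hyphen are the only characters a hostname label may use.
LDH = set(string.ascii_lowercase + string.digits + "-")


def is_valid_label(label):
    """True if label is a syntactically valid hostname label."""
    return (0 < len(label) <= 63
            and set(label) <= LDH
            and not label.startswith("-")
            and not label.endswith("-"))


def bitsquat_candidates(domain):
    """Return the names that differ from `domain` by one flipped bit.

    Assumption: `domain` has the form label.suffix and only the first
    label is varied; the suffix (e.g. "com") is kept as given.
    """
    label, _, suffix = domain.lower().partition(".")
    found = set()
    for pos, ch in enumerate(label):
        for bit in range(8):
            flipped = chr(ord(ch) ^ (1 << bit)).lower()
            candidate = label[:pos] + flipped + label[pos + 1:]
            # Skip case-only changes (DNS is case-insensitive) and
            # results that are not valid hostname labels.
            if candidate != label and is_valid_label(candidate):
                found.add(candidate + "." + suffix)
    return sorted(found)


if __name__ == "__main__":
    # "example.com" is a constructed sample; substitute your own domain.
    for name in bitsquat_candidates("example.com"):
        print(name)
```

The output is the list to compare against registration records: names still available can be registered, and names already held by someone else go to the third and fourth steps.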