A recent study reveals that Combosquatting is on rise. Domainsquatting is a known-term where a domain registrant registers trademarked based domain names. Then what is Combosquatting? Well, according to the study combosquatting is form of domain squatting, in which the attacker register domain names with very popular trademarks with one or more additional phrases, for example:
Here are some points from the study:
1. 60% of abusive combosquatting domains live for more than 1000 days
2. An increased activity has been noticed with such domain names in the recent times
3. It’s used to perform phishing, trademark abuse, or even threats
4. Most users are unaware of the correct address of the actual domain name
5. Users don’t notice the extra phrases coined by the attackers in the url/domain
Some of my thoughts:
1. Users need to be taught to double check the url/domain correct destination
2. Companies and institutions to register typos and other abusive form of names to protect the interest of all the parties. The cost is increasing with additional new gTLDs.
3. Care to be taken with letter i and l. Bingo(.)com and blngo(.)com appears quite same to an average user in a link form. Companies should focus on registering such domain names T00. Notice the zeros after the letter T, it appears to an average user as o.
Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse
Combosquatting’ Attack Hides in Plain Sight to Trick Computer Users
The term combosquatting is new but it is a fairly know phenomenon. And, it’s not just limited to larger corporations. Smaller companies too are facing this problem. For example; An individual registers a similar domain name of an xyz company, then use that domain to send an email to the abc company asking them to wire transfer to a different bank account amount for any pending invoices. And, not all companies succeeds in marking such emails as a threat.