Meow's CyberAttack - Application/Server Attacks - Hijacking - URL Hijacking Attacks

book: S+ 7th ch9


Typo Squatting, URL Hijacking

  • The act of registering domains that are similar to those of a known entity, based on a misspelling or typographical error.

Example:

  • Sybex.com to Sybecks.com
  • Attackers buy a similar domain for a variety of reasons:
    • Hosting a malicious web site: the site tries to install drive-by malware on users’ systems when they visit. It may have Trojans, worms, and viruses.
    • Earning ad revenue: the attacker can host pay-per-click ads. When visitors click on the ads, advertisers pay revenue to the attacker.
    • Reselling the domain: attackers can buy domain names relatively cheaply, but resell them to the owner of the original site for a hefty profit.

Protection

Best defense: register the domains around yours for all reasonable deviations of your site's name, including the other top-level domains (.com, .biz, .net, and so on).
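To make "all reasonable deviations" concrete, the following added example (not from the book or the original post) lists candidate names a domain owner could register defensively or place on a watch list. The function names, the TLD tuple and the sound-alike table are assumptions chosen for illustration, and the code assumes a single-label name under a one-part TLD.

```python
# Added example: enumerate "reasonable deviations" of a domain you own so they
# can be registered defensively or monitored. Not the original author's code.

# Assumed TLD set; the page names .com, .biz and .net ("and so on").
TLDS = ("com", "biz", "net")

# Constructed sound-alike table; the page's own example is x -> cks.
SOUND_ALIKES = {"x": "cks", "ph": "f", "c": "k"}


def label_variants(label):
    """Return common misspellings of one DNS label (no dots)."""
    out = set()
    for i in range(len(label)):
        out.add(label[:i] + label[i + 1:])            # omitted character
        out.add(label[:i] + label[i] + label[i:])     # doubled character
        if i + 1 < len(label):                        # swapped neighbours
            out.add(label[:i] + label[i + 1] + label[i] + label[i + 2:])
    for src, dst in SOUND_ALIKES.items():             # phonetic spelling
        start = label.find(src)
        while start != -1:
            out.add(label[:start] + dst + label[start + len(src):])
            start = label.find(src, start + 1)
    out.discard(label)                                # swaps of equal letters
    # A DNS label cannot be empty or begin/end with a hyphen.
    return {v for v in out if v and not v.startswith("-") and not v.endswith("-")}


def defensive_candidates(domain, tlds=TLDS):
    """Return sorted look-alike names for `domain`, excluding the domain itself.

    Assumes a name such as "sybex.com": one label plus a one-part TLD.
    """
    label, _, tld = domain.lower().rpartition(".")
    names = {f"{label}.{t}" for t in tlds}            # same name, other TLDs
    names |= {f"{v}.{t}" for v in label_variants(label) for t in tlds}
    names.discard(f"{label}.{tld}")                   # the name already owned
    return sorted(names)


if __name__ == "__main__":
    for name in defensive_candidates("Sybex.com"):
        print(name)
```

The output is a candidate list only; whether each name is already registered still has to be checked with a registrar or WHOIS lookup.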

This post is licensed under CC BY 4.0 by the author.