Jump to content

Domains That Are Typos of Other Domains


SpamCop 98
 Share

Recommended Posts

...collaborators from CrySyS lab provided a large list of all the domains that are typos within the com zone file; the particular sample was from March 15, 2013. CrySys identified 4.7 million likely domains out of the 108 million domains in the com zone file. These are typos of the 520,000 most common .com domains, according to Alexa. It’s common for an organization to register several common misspellings of its own domain and redirect the users to the correct site. Checking for this, 2.3 million typos seem to be outside the control of the owner of the original domain—they are truly typos that we’d expect to be malicious, but this simply does not appear to be the case.

The original, real domains that are in the Alexa top 520,000 are more likely to appear on black lists than the typos of them. I compared the Alexa domains and the true typo domains to 12 black lists from various sources. In each case, the Alexa domains are more likely to host malicious activity. Note that the percentage of domains from the Alexa “most popular .com domains†is always higher than the percentage of typo domains.

http://www.cert.org/blogs/certcc/2013/08/d...os_of_othe.html

Link to comment
Share on other sites

<snip>

they are truly typos that we’d expect to be malicious, but this simply does not appear to be the case.

<snip>

...Well, actually, I'm not terribly surprised, since there are a lot more people on the internet who simply want to find a way to get more money (in this case via hits due to accidental mis-types of host names in a URL) than there are with both the "skills" and the anti-social personalities necessary to deliver malware via the web.
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

 Share

×
×
  • Create New...