Interviews

Cyber-squatting survey

by Mark Rowe

Near three in ten (28pc) of cyber security people have bought domain names to deflect business away from competitors, according to a survey by a domain name search tool product company.

Cyber-squatting, like most cyber-crime, is done for profit and is designed to steal legitimate internet traffic meant for corporate home web pages, says DomainTools. Over a third (37pc) of respondents to its survey in June said that they had been a target of this, and were aware of other domain names that tried to siphon revenue, tarnish their brand and/or copy their website. When asked how much they would be willing to spend to take down a website that was using their company name, 43pc said that ‘the sky’s the limit’.

Tim Helming, Director of Product Management at DomainTools said: “It is somewhat ironic that over 40% of the cyber security professionals we spoke to are willing to spend over £10,000 to stop anyone else using a domain to affect their business, considering nearly a third of them are registering domains in order for the purpose of targeting their competitors. These results also show how important domains are to a company’s brand, security and bottom line.”

Helming advises that for companies who are worried about being a target to keep an eye on cyber squatters and to register as many domains as possible. “For some brands, it is not practical to register all of the possible combinations of their brands, domains, and add-on terms such as ‘store.’ It can easily run to the tens of thousands of domains, if not over a hundred thousand for a company with multiple product names. The best advice is to register as many relevant domains in the major TLDs as possible (major being com, net, org, .co.uk, biz, us, info, .de) and to keep an aggressive search out for squatting domains.”

Cyber-squatting takes advantage of human error, either bad spellers or typing mistakes, Helming adds; he suggests that there are certain patterns you can look out for to be able to avoid these websites. “In general, there are certain patterns that tend to be red flags. For example, we don’t see luxury brands using domain names that begin with words such as ‘cheap’ or ‘discount.’ Similarly, they generally do not add numbers, as in ‘123(brand).com’ either. Many such domains exist, but they are being controlled by entities that have nothing to do with the brands themselves and are not likely to give the shopper a satisfying experience. It is also important to know that looks can be deceiving–many illegitimate sites look virtually identical to the real thing. This is where looking closely at the URL can be a real difference-maker for staying safe.”

About the survey

Some 301 information security people were surveyed at the Infosecurity Europe 2017 conference, that ran from June 6 to 8, at Olympia in west London, pictured.

Related News

  • Interviews

    Cyber review of 2023

    by Mark Rowe

    Because AI is built into many security tools and the external perimeter controls have gotten much better lately, a lot of what…

  • Interviews

    Cyber insurance

    by Mark Rowe

    More companies are turning to cyber insurance to protect their organisations from the financial consequences of a data breach or cyber attack,…

Newsletter

Subscribe to our weekly newsletter to stay on top of security news and events.

© 2024 Professional Security Magazine. All rights reserved.

Website by MSEC Marketing