Exploiting Mistyped URLs
Engaging study: “Hyperlink Hijacking: Exploiting Incorrect URL Links to Fake Domains”:
Summary: Internet users often rush when clicking hyperlinks, assuming they are properly set up. Nonetheless, these links may contain errors like typos. If a link is active but incorrect, a hacker can create a counterfeit website or service, pretending to be the expected content and attempting to steal personal data. In “typosquatting,” misspelled versions of popular domains are registered to capitalize on mistakes made by users typing a web address. However, no previous investigations have focused on situations where mistakes made by web publishers (such as developers and content creators) are transferred to users. We propose that these “exploitable hyperlinks” are abundant and have the potential to drive significant traffic. By conducting extensive web crawls using powerful computing, we demonstrate that the internet currently has active links to over 572,000 dot-com domains that have never been registered, which we refer to as “phantom domains.” After registering 51 of these domains, we found that 88% of phantom domains received more traffic than a control domain, sometimes up to 10 times more visits. Our analysis indicates that such links result from 17 common errors made by publishers, pointing to freely available phantom domains that can be purchased and misused for less than 20, making them easily accessible to potential attackers.
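The defensive counterpart to the study is auditing your own pages for the publisher-side mistakes it describes. The Python below is an added example, not code from the paper or this post: it pulls the outbound links out of a page, reduces each to its apex domain, and flags targets that are unregistered (the paper's "phantom domains") or a one- or two-character near miss of a domain the publisher meant to link. The sample HTML, the registration table and the domain names are constructed; `is_registered` is a caller-supplied check (a DNS or RDAP lookup in practice) so the example runs offline.

```python
import re
from urllib.parse import urlsplit

HREF_RE = re.compile(r'href\s*=\s*["\']([^"\']+)["\']', re.I)

def extract_hosts(html):
    """Hostnames of every absolute http(s) link in the page; relative links are skipped."""
    hosts = set()
    for href in HREF_RE.findall(html):
        parts = urlsplit(href)
        if parts.scheme in ("http", "https") and parts.hostname:
            hosts.add(parts.hostname.lower().rstrip("."))
    return hosts

def registrable_domain(host):
    """Naive apex: last two labels. A production tool should use the Public Suffix List."""
    return ".".join(host.split(".")[-2:])

def edit_distance(a, b):
    """Levenshtein distance, used to spot one- or two-character publisher typos."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]

def audit_links(html, intended_domains, is_registered):
    """Return (domain, verdict, closest_intended) for each outbound apex domain that is
    unregistered ('phantom') or within two edits of an intended domain ('lookalike').
    is_registered(domain) -> bool is supplied by the caller (DNS or RDAP lookup in practice)."""
    findings = []
    for host in sorted(extract_hosts(html)):
        dom = registrable_domain(host)
        if dom in intended_domains:
            continue
        closest = min(intended_domains, key=lambda d: edit_distance(dom, d))
        if not is_registered(dom):
            findings.append((dom, "phantom", closest))
        elif edit_distance(dom, closest) <= 2:
            findings.append((dom, "lookalike", closest))
    return findings

# Constructed sample page and registration table so the example runs offline.
SAMPLE_HTML = """<a href="https://example.com/docs">docs</a> <a href="/local">home</a>
<a href="http://exmaple.com/login">login</a> <a href="https://www.example.co/">about</a>
<a href="https://cdn.example.com/app.js">cdn</a>"""
KNOWN_REGISTERED = {"example.com", "example.co"}
```

Run it over a crawl of your own site with `is_registered` backed by a real lookup; a "phantom" finding is a link an attacker could make live by registering the domain, and a "lookalike" one is worth a manual check even though it resolves today.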
Image credit: Joe MacInnis.
