How to Combat Typosquatting: Defensive Domain Registration Techniques That Protect Your Business

Website domain name fraud has been an issue for larger businesses for some time, and recent statistics show that many organisations go to great lengths to curb the threat.

Proofpoint’s Q4 Quarterly Threat Report states an average defensive domain registration rate of 300 domains per business. Despite these significant numbers, Proofpoint have found that suspiciously registered domains can outnumber officially registered sites by a factor of 20 to 1.

The research finds that cyber actors are constantly working to exploit established businesses by any means possible. These suspicious domains are typically deployed in email scams, angler phishing attempts and other techniques used to mine personal information.

Despite these alarming figures, there are a number of trends in the Proofpoint statistics that discerning businesses can use to combat typosquatting.

Use Defensive Domain Registration Effectively

Managing hundreds of domain name variants is simply not feasible for many enterprises, but there are consistent patterns in the data at hand that allow businesses to register a smaller subset of domains effectively.

Proofpoint found that 82 percent of fraudulent registrations were .com addresses, which is a useful starting point. Whatever top-level domain was used, a significant majority of suspicious registrations were based around the swapping or adding of individual characters.

These two techniques accounted for more than 73 percent of all typosquatting domains. The inserted or substituted characters are made to appear as similar to the legitimate domain as possible. Common substitutions include I for L, U for V, G for Q and L for I. People do not typically examine a URL in minute detail, so these substitutions are effective in deceiving users.

The bulk of your defensive domain registration should be targeted at combating these simple techniques. It is also worth noting that almost 90 percent of suspicion registrations use the same top-level domain as the target website, allowing businesses to narrow their scope even further.

Ten years ago, the idea of defending your domain name not just against people looking to redirect traffic profitably but rather, to attack your potential visitors and damage your brand name was hard to conceive.  Nowadays using an outsourced network security services company is practically mandatory thanks to the plethora of attack vectors available.  For a comprehensive approach to security, contact us or give us a call on 1300 667 871.