What do the following have in common?
They are all typos for popular websites; in this case Twitter and YouTube. These are special because they are fraudulent sites for tricking you into completing bogus on-line surveys. Surveys offering a chance to win “exclusive” prizes. Fun stuff as long as your idea of “exclusive” prizes are opportunities for divulging personal information and downloading malware.
The perpetrators have done a good job of co-opting the legitimate site’s look and feel. If you are not paying attention you may not recognize you aren’t exactly where you think you are. Here is an example of one of the twitter redirects.
How popular is this type of attack, known as typosquatting? When formulating these attacks the perpetrators will register a number of the “typo” sites and link them all to a single “survey” page. At times in the recent past, the aggregated hits on the single survey page reached Alexa’s top 250 list.
What can you do about this type of attack?
- Pay more attention when you are entering a web address
- If a well known site suddenly asks you to complete a survey, double check the url to make sure you’ve not been redirected.
- Don’t take online surveys
Sources: http://community.websense.com/blogs/securitylabs/archive/2012/01/11/what-makes-a-high-alexa-rank-spam-website.aspx and http://labs.m86security.com/2011/09/typosquatters-exploit-misspelled-variations-of-youtube-com-domain-name/
Apologies to: William Shakespeare