 | This article relies largely or entirely on a single source. Relevant discussion may be found on the talk page. Please help improve this article by introducing citations to additional sources. Find sources: "Doppelganger domain" – news · newspapers · books · scholar · JSTOR (March 2023) |
A doppelganger domain is a domain that is spelled identically to a legitimate fully qualified domain name (FQDN) but missing the dot between host/subdomain and domain, to be used for malicious purposes.
Typosquatting's traditional attack vector is through the web to distribute malware or harvest credentials. Other vectors such as email and remote access services such as SSH, RDP, and VPN also can be leveraged. In a whitepaper by Godai Group on doppelganger domains, they demonstrated that numerous emails can be harvested without anyone noticing.
For example, for email address "ktrout@finance.corpudyne.com", the doppelganger domain would be "financecorpudyne.com"; hence, an email accidentally addressed to "ktrout@financecorpudyne.com" (i.e. with the dot between "finance" and "corpudyne" having accidentally been omitted) would go to the doppelganger domain rather than to the legitimate user.
See also
- Anticybersquatting Consumer Protection Act (ACPA)
- Domain Name System (DNS) – System to identify resources on a network
- Phishing – Form of social engineering
- Uniform Domain-Name Dispute-Resolution Policy (UDRP) – Process of dispute resolution
References
- "Doppelganger Domain whitepaper". Godai Group. 6 Sep 2011.
External links
- "Researchers' Typosquatting Stole 20 GB of E-Mail From Fortune 500". Wired. 8 Sep 2011.
- "Bad spelling opens up security loophole". BBC. 12 Sep 2011.
| Domain name speculation and parking | |
|---|---|
| General | |
| Legal | |
| Technical | |
 | This Internet-related article is a stub. You can help Misplaced Pages by expanding it. |
 | This malware-related article is a stub. You can help Misplaced Pages by expanding it. |