Spam site becomes one of the most popular locations on the web

Do you like yours grilled or fried?

Typosquatting is the registration of domain names that closely resemble those of important websites or web services. The idea is that users will misread the false name and assume that they are visiting a well-known and trusted website. It usually involves slight changes to the legitimate name, or switching numbers and characters, such as 1 for l, or 0 for O.

Security firm GFI has noted that the spam site rewardz.com has risen into the top 250 websites in the Alexa visitor ranking service, and it believes that this has largely been caused by typosquatting on Twitter look-alike domain names. While many of the other big names, such as Google and Facebook, have sought to register potential typosquat domain names so that they cannot be misused, Twitter has failed to do so. GFI has found a number of look-alike names, such as twittter.com, twitterr.com and twutter.com, registered to attackers.
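A defender-side check for the look-alike patterns described above, as an added example that is not from GFI or the original article: it classifies a domain against a protected brand label using the digit-for-letter swaps, repeated characters and single-character edits the article mentions. The function names and the `examp1e.com` sample are constructed, and treating the label left of the TLD as the registered name is a simplifying assumption.

```python
from itertools import groupby

# Digit-for-letter swaps named in the article: 1 for l, 0 for O.
HOMOGLYPHS = str.maketrans({"1": "l", "0": "o"})

def collapse(s):
    """Reduce each run of a repeated character to one: 'twittter' -> 'twiter'."""
    return "".join(ch for ch, _ in groupby(s))

def within_one_edit(a, b):
    """True if a and b differ by one substitution, insertion, deletion or adjacent swap."""
    if abs(len(a) - len(b)) > 1:
        return False
    i = 0
    while i < min(len(a), len(b)) and a[i] == b[i]:
        i += 1  # skip the common prefix
    if len(a) == len(b):
        return a[i + 1:] == b[i + 1:] or (
            a[i + 2:] == b[i + 2:] and a[i:i + 2] == b[i:i + 2][::-1])
    longer, shorter = (a, b) if len(a) > len(b) else (b, a)
    return longer[i + 1:] == shorter[i:]

def classify(domain, brand):
    """Return the look-alike class of domain relative to brand, or None."""
    parts = domain.lower().rstrip(".").split(".")
    # Assumption: the registered name is the label just left of the TLD.
    label = parts[-2] if len(parts) > 1 else parts[0]
    if label == brand:
        return None  # exact brand label, not a look-alike
    if label.translate(HOMOGLYPHS) == brand.translate(HOMOGLYPHS):
        return "homoglyph"
    if collapse(label) == collapse(brand):
        return "doubled-letter"
    if within_one_edit(label, brand):
        return "one-edit"
    return None

def scan(domains, brand):
    """Map each flagged domain to its class; unflagged domains are omitted."""
    hits = {d: classify(d, brand) for d in domains}
    return {d: c for d, c in hits.items() if c}

if __name__ == "__main__":
    # Names quoted in the article, plus the legitimate domain for contrast.
    seen = ["twitter.com", "twittter.com", "twitterr.com", "twutter.com",
            "ttwitter.com", "rewardz.com"]
    for name, kind in scan(seen, "twitter").items():
        print(f"{name}: {kind}")
```

The same function can be run over newly observed domains in DNS or proxy logs, or over candidate names when deciding which look-alikes to register defensively.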

The process, according to GFI, is that the false site sends the user to a redirect site that points to the spam site. It gives the example of ‘ttwitter.com pointing to secredir.com/?sov=ttwitter.com pointing to video-rewardz.com?sov=124966’.

At the time of writing, twutter.com redirects to socialupdatecentral.com and offers the possibility of getting a free MacBook Air, iPhone or iPad in exchange for taking part in “a short survey of our users”. The deception is maintained by using Twitter colors and typefaces, including a ‘thank you’ bar. The message also attempts to be more personal by including the relevant geographic location: “You’ve been selected from the nnnn region to take part.” It will take less than a minute, enhance your user experience and might get you a free MacBook. All you have to do is press the ‘Start Now’ button – which of course no user should ever do.
