• Source: Doppelganger domain

A doppelganger domain is a domain that is spelled identically to a legitimate fully qualified domain name (FQDN) but missing the dot between host/subdomain and domain, to be used for malicious purposes.




Overview


Typosquatting's traditional attack vector is through the web to distribute malware or harvest credentials. Other vectors such as email and remote access services such as SSH, RDP, and VPN also can be leveraged. In a whitepaper by Godai Group on doppelganger domains, they demonstrated that numerous emails can be harvested without anyone noticing.




Example


For email address "ktrout@fi­nance.corpu­dyne.com", the doppel­ganger domain would be "finance­corpu­dyne.com"; hence, an email acci­den­tally addressed to "ktrout@financecorpudyne.com" (i.e. with the dot between "finance" and "corpu­dyne" having acci­den­tally been omitted) would go to the doppel­ganger domain rather than to the legitimate user.




See also


Anticybersquatting Consumer Protection Act (ACPA)
Domain Name System (DNS) – System to identify resources on a network
Phishing – Form of social engineering
Uniform Domain-Name Dispute-Resolution Policy (UDRP) – Process of dispute resolution




References






External links


"Researchers' Typosquatting Stole 20 GB of E-Mail From Fortune 500". Wired. 8 Sep 2011.
"Bad spelling opens up security loophole". BBC. 12 Sep 2011.

Kata Kunci Pencarian:

• Penumpangan saltik
• Lied
• Doppelganger domain
• Typosquatting
• Bob (Twin Peaks)
• Googol
• Venom: The Last Dance
• William Wilson (short story)
• Demonology
• Superman
• List of Toon In with Me episodes
• Russian interference in the 2024 United States elections