April 13, 2006 10:42 AM PDT

Microsoft tool hunts down typo squatters

Related Stories

The secret of phishers' success

April 3, 2006

Microsoft gives error pages new direction

September 5, 2001

Whitehouse.com goes to porn

September 5, 1997
A new tool from Microsoft aims to take some of the annoyance--and risk--out of mistyping a URL when browsing Web sites.

The company's Cybersecurity and Systems Management group released a prototype of Strider URL Tracer with Typo-Patrol version last week. The tool is designed to seek out and block mistyped versions of domain names--www.frod.com instead of www.ford.com, for example.

Typo squatters are companies that exploit slips of the fingers by registering for mistyped versions of popular URLs. Some typo domains are parking lots for pay-per-click and syndicated advertising, according to a Microsoft research paper published alongside the tool. The group's researchers found that a mere six services have a presence on between 40 and 70 percent of active typo domains.

In addition to serving up ad links, typo squatters deliver pop-ups and pop-unders, and can redirect surfers to the intended domain. Often, the users are never even aware that they have visited a third-party site. As a result, many legitimate companies have been blamed for pop-ups advertising porn.

On top of this, companies may end up paying out for the advertising that leads customers to sites they were already aware of and trying to reach.

Consumers can be at risk with typo domains. Some are used in phishing scams, which mimic the look and layout of legitimate online businesses in an effort to dupe people out of personal information such as bank passwords.

Others use wrongly typed URLs for popular children's Web sites to lead surfers to porn sites, or to sites looking to exploit children.

The Microsoft research team described common mistakes people make when typing in a URL: missing dots (Newscom), transposition (Nwes.com), suffix replacement (News.net,) character omission (New.com), character insertion (Newws.com) and character replacement (Newz.com).

Strider URL Tracer alerts people when they are redirected to a third-party site, according to a description on Microsoft's research Web site. It can trace pop-up advertising back to the redirecting domains that supplied them. Parents can use it to block domains that may redirect their children to porn. Companies can use it to monitor for trademark infringement or fraud.

The software is free to download from Microsoft's Strider URL Tracer site. Windows XP and Internet Explorer 6 are required for it to work.

The tool works by accessing a bank of information on typo domains from Strider Typo-Patrol, a network of 17 machines run out of Microsoft's Cybersecurity and Systems Management group. The network generates anticipated typos of popular domain names, then scans the Internet for these typo-domains. If they are active, it adds them to the database.

See more CNET content tagged:
domain, systems management, porn, domain name, children

4 comments

Join the conversation!
Add your comment
What if the typo domain is an actual website?
This tool could cause domains for legitimate websites to be blocked as well. Many times people grab a misspelling of a one word domain to use for an actual site. Is it entirely automated, or is there some human intervention at play when banning these domains?
Posted by MuseMind (3 comments )
Reply Link Flag
What if real?
From reading the article, it sounds to me as if it's using a defined list of "wrong" URL's.

If the site is real and mistakenly appears on the list, I'd say the webmaster of said site would probably need to contact Microsoft's Cybersecurity and Systems Management group.
Posted by Jim Harmon (329 comments )
Link Flag
Crashed my IE6
Well, I just attempted to install this latest great tool.. And immediately my IE6 stopped working. Every attempt to launch it popped up the crash window with an opportunity to "Report this error"... After 10 attempts, (and 10 reports), I uninstalled it, and the problem stopped.

Now, let me see if I've got this straight: We were supposed to migrate to XP because it was "bulletproof and hacker-free"...OOPS! Well, SP2 is supposed to make it "bulletproof and hacker-free"!!! OOPS!! Now, we're supposed to migrate to Vista because it will be the best-tested "bulletproof and hacker-free" O.S. ever!! Why don't I want to spend money to watch the hackers prove how UN-bulletproof the new OS is?...(before they've even got the current one bulletproof'd)?

LJ
Posted by BKHerbert (16 comments )
Reply Link Flag
AOL=MSN Now
What a great idea possible data entries:
AOL = MSN
Linux = MS Windows
Im sure this would never be abused for comercial gain?
Posted by mssoot (169 comments )
Reply Link Flag
 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.