by ericpauley
5 subcomments
- We did a large-scale study of this phenomenon recently: https://www.cs.bu.edu/faculty/crovella/paper-archive/wung-if...
Across a broad sample of typo domains of major sites, most registered domains aren’t actually reachable, implying they are registered for defensive, legitimate, or unrelated purposes. Interestingly, the typo space on major sites is actually very sparsely registered (2% at edit distance 1), meaning that typosquatting may actually be underexploited.
- >“In large scale experiments, we found that over 90% of the time, visitors to a parked domain would be directed to illegal content, scams, scareware and anti-virus software subscriptions, or malware, as the ‘click’ was sold from the parking company to advertisers, who often resold that traffic to yet another party,” Infoblox researchers wrote in a paper published today.
Hey, same thing happens with my Google search results, what a coincidence!
- Their definition of parked domain is a bit odd, with "expired" domain names and "typosquatting" domains. I work at a registrar and the absolutely vast majority of parked domains for us are domains owned by customers that register alternative versions, campaign, products and misspellings of their primary domain. Parked in that sense means an almost empty zone with occasionally a default landing page, sometimes as a paid DNS service at the registrar, and sometimes as a free service (there are still registration and renewal fees).
Putting a redirect onto such a domain would be a major bad faith act by the registrar and a reason to avoid that registrar at all costs. The customer is the owner of that name, has their name attached as the registrant, and generally holds some legal risk while doing so. It also goes directly against the primary reason why the customers bought the domains in the first place.
The ones that hold advertisements are two specific cases. One is "expired" domains which are not actually expired but where the registrar holds on to it in the hope that the old or new customer will buy it for an extra cost. The other is names which a customer or the registrar itself bought as an investment in hope to auction out. That kind of behavior was historically frowned upon but is fairly common practice for a smaller number of domains. Usually you don't put redirects on those since you want to expose the fact that the domain is for sale.
So I am very confused where they got their 90% number from, but then I would not call typosquatting as parked domains if it's registered by a malicious actor and used for a scam on their own servers (or hacked servers as it may be).
- I park mine by having no IP address, MX record is "0 ." meaning it does not receive email, the SPF record is "v=spf1 -all" and DMARC is a strict reject, CAA is 0 issue ";", BIMI is "v=BIMI1; l=; a=;". I do the same for wildcard DNS. There's probably more I should add.
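The parking profile described in the comment above, expressed as a record audit; this is an added example, not part of the thread. It assumes "strict reject" means a DMARC record with `p=reject`, checks the apex and the wildcard, leaves BIMI out, and uses a constructed zone `parked.example`; `audit_parked` is a hypothetical name.

```python
# Added example. Records are (owner, type, rdata) tuples; all data is constructed.
def audit_parked(zone, records):
    """Return a list of findings; an empty list means the profile is met."""
    def rdata(owner, rtype):
        return [r for o, t, r in records if o == owner and t == rtype]

    findings = [f"{o} has an address record ({t})"
                for o, t, _ in records if t in ("A", "AAAA")]

    # Apex and wildcard both need the null MX (RFC 7505) and a deny-all SPF.
    for owner in (zone, "*." + zone):
        if rdata(owner, "MX") != ["0 ."]:
            findings.append(f"{owner}: MX is not the null MX '0 .'")
        spf = [t for t in rdata(owner, "TXT") if t.lower().startswith("v=spf1")]
        if spf != ["v=spf1 -all"]:
            findings.append(f"{owner}: SPF is not 'v=spf1 -all'")

    # Assumption: "strict reject" means a DMARC record with p=reject.
    dmarc = rdata("_dmarc." + zone, "TXT")
    tags = {}
    if len(dmarc) == 1:
        pairs = (p.split("=", 1) for p in dmarc[0].split(";") if "=" in p)
        tags = {k.strip().lower(): v.strip().lower() for k, v in pairs}
    if tags.get("v") != "dmarc1" or tags.get("p") != "reject":
        findings.append("_dmarc: policy is not p=reject")

    # CAA with an empty issuer list: no CA may issue for this name.
    if rdata(zone, "CAA") != ['0 issue ";"']:
        findings.append(f"{zone}: CAA does not forbid issuance")
    return findings

GOOD = [
    ("parked.example", "MX", "0 ."),
    ("parked.example", "TXT", "v=spf1 -all"),
    ("*.parked.example", "MX", "0 ."),
    ("*.parked.example", "TXT", "v=spf1 -all"),
    ("_dmarc.parked.example", "TXT", "v=DMARC1; p=reject; sp=reject"),
    ("parked.example", "CAA", '0 issue ";"'),
]
WEAK = [
    ("parked.example", "A", "192.0.2.10"),
    ("parked.example", "MX", "10 mail.parked.example."),
    ("parked.example", "TXT", "v=spf1 ~all"),
    ("_dmarc.parked.example", "TXT", "v=DMARC1; p=none"),
]
if __name__ == "__main__":
    for finding in audit_parked("parked.example", WEAK):
        print(finding)
```

The tuples can be filled from any resolver or zone export; the audit itself does no network lookups.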
by RankingMember
2 subcomments
- We've unfortunately come a long (bad) way from the innocuous "backpack girl" parking pages.
For a refresher:
https://i.kym-cdn.com/entries/icons/original/000/033/037/gir...
by dredmorbius
0 subcomment
- A similar trend I've noticed in the US within recent years has been that misdialing toll-free numbers (or even correctly dialing an apparently expired number), originally "area code" 800, since expanded to include 888, 877, 866, 855, and 844, will lead to a scam or advertising connection.
This is one of numerous trustworthiness attacks on general public-switched telephone network (PSTN) use which I suspect will lead to an increased abandonment of that system. If we can trust neither incoming nor outgoing calls to connect to a trustworthy counterparty, people will tend to prefer systems which do so.
(This is on top of privacy and security issues with PSTN, including data exfiltration by operators, and potential for wiretapping and intercepting voice, texts, and data.)
by armenarmen
1 subcomments
- I owned facebook.ky, as a goof, for about 2 weeks 10+ years ago before Facebook claimed it from me. Wild to me that huge banks don’t have a team whose responsibility it is to watch for and seize scam domains
- I've seen this on some of the domains speculatively registered by companies hoping to sell them for a fortune. Pick a dictionary word, or just a short (3 or 4 letter) domain name. If it's not actually in use, somebody had registered it and would love to sell it for some stupid amount. In the meantime, I guess they pay the fees by renting to scammers...
I really wish the domain registrars would prohibit speculation, but there's money to be made, so...
by rickcarlino
1 subcomments
- Hopefully “direct navigation” does not become a boogeyman like “side loading” has.
- Yesterday I received spam with a link on https://storage.googleapis.com/ that redirected to some parked domain.
by excalibur
1 subcomments
- The bit about the gmai.com mailserver is disturbing. One would imagine there are many other typo squatters with a similar setup.
- Can we have a land value tax for domains?
by moralestapia
1 subcomments
- This just happened to me a month ago, I was waiting for an unused domain to expire. The domain was hosted on Epik (which I think is a trashy company but w/e).
About a month before expiration it somehow got renewed for 10 years, which is weird because it was not available ... and is now hosting a "get-rich-quick" scam that pretends to be a genuine Petro Canada campaign.