Cyber Security Typo Squatting Detection Technology

Technology Overview

A long existing risk in Cyber Security is the risk of typo-squatted domains. These attacks rely on the fact that humans are unable to consistently type the same domain name. If such a domain is then registered by an attacker, potentially confidential information could leak to these attackers, due to typological errors (typo) in email addresses as an example, by infecting a visitor of the typo-squatted site or by presenting a look-alike site without the user's awareness of the ruse. Our technology aims at detecting typo-squatted domains and keeping track of the activity on these domains such that appropriate action could then be taken.

Technology Features & Specifications

The technology is available as a software module that detects typo-squatted domains based on a first domain that is given. It uses smart algorithms to find possible typo-squatted domains and subsequently checks for the existence of these domains. The software can be adapted in various ways; in one example implementation the software collects more information about the domain and rates the newly registered domain in terms of the level of malicious intent. In another implementation, the software is adapted to check during the registration phase if the domain registered is not a potential typo-squatted domain. The software can also be adapted to send out alerts that allow a security operations center to keep an eye on typo-squatted domains.

Potential Applications

Applications include the running of the software in a stand-alone fashion in order to keep an eye on typo-squatted domains. Other applications could include forwarding alerts to existing systems or running this in parallel with other systems.

Market Trends and Opportunities

There are three main markets for this software:

  • Domain name registrars. These are limited in numbers and often highly regulated. However, the software has been running satisfactorily with one registrar for an extended period of time
  • Large organizations: Large organizations that have a security operations center could run the software themselves for their domains. They could use it to keep an eye out for typo-squatted versions of their existing domains and decide whether or not to take action against a specific domain if they deem it inappropriate.
  • Service providers and/or security vendors: Service providers and vendors could include the software in their packages in order to add value to their product.

Customer Benefits

We are not aware of competing offers that focus on typo-squatting. The solution is novel as the problem is a recognized one but little is done to mitigate it. This software provides a way to keep track of typo-squatted domains and take appropriate action based on what happens with the domain, who registers it and what the website looks like.

Make an Enquiry