Mistyped email addresses invite hackers in

Researchers reveal that cyber-criminals use misspelt email addresses to gather sensitive information

Researchers have revealed that hackers can take advantage of misspelt emails to gain sensitive corporate and personal data.
By Georgina Enzer. Published September 13, 2011

Mistyped email addresses can lead to messages ending up in the hands of cyber-criminals, according to research cited by the BBC.

Researchers created web domains that contained commonly mistyped names and, over a period of six months, received 20GB of data made up of 120,000 wrongly sent messages, some of which contained enterprise network details as well as individual account user names and passwords.

According to researchers Peter Kim and Garret Gee of the Godai Group, about 30% of the top 500 companies in the US are vulnerable to this security weakness.

The vulnerability arises because of the way that many organizations set up their email systems, using a single domain for their website but sub-domains for individual business units, regional offices or foreign subsidiaries. Full stops separate the words in that sub-domain.

In many cases, if the address is typed incorrectly, the message will simply be returned to the sender, but by setting up domains using the misspelling, cyber-criminals would be able to receive these messages.
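For mail administrators, a check of this kind can run over outbound recipients before delivery. It is an added example, not code from the article or the researchers, and it assumes the look-alike is the sub-domain address typed without the full stop in front of the company domain; `corp.example`, the sub-domains and the addresses are constructed.

```python
# Added example: names, domains and addresses below are constructed.

def doppelganger_map(base_domain, subdomains):
    """Map each missing-dot look-alike domain to the sub-domain it imitates."""
    base = base_domain.lower().strip(".")
    lookalikes = {}
    for fqdn in subdomains:
        fqdn = fqdn.lower().strip(".")
        if not fqdn.endswith("." + base):
            continue  # not a sub-domain of the organisation's own domain
        # Only the dot next to the base matters: dropping it yields a different
        # registrable domain that anyone can buy (us.corp.example -> uscorp.example).
        label = fqdn[: -len(base) - 1].split(".")[-1]
        lookalikes[label + base] = label + "." + base
    return lookalikes


def flag_recipients(recipients, base_domain, subdomains):
    """Return (address, probably intended address) for mail bound for a look-alike."""
    lookalikes = doppelganger_map(base_domain, subdomains)
    findings = []
    for addr in recipients:
        local, sep, domain = addr.strip().rpartition("@")
        if not sep or not local:
            continue  # not an address
        domain = domain.lower().strip(".")
        for fake, real in lookalikes.items():
            if domain == fake or domain.endswith("." + fake):
                prefix = domain[: len(domain) - len(fake)]  # "" or e.g. "mail."
                findings.append((addr, local + "@" + prefix + real))
                break
    return findings


# Constructed inventory of the organisation's mail sub-domains.
SUBDOMAINS = ["us.corp.example", "mail.emea.corp.example"]
# Constructed outbound recipient list, e.g. taken from a mail gateway queue.
OUTBOUND = [
    "alice@us.corp.example",        # correct
    "bob@uscorp.example",           # full stop missing
    "carol@mail.emeacorp.example",  # full stop missing deeper in the name
    "dave@focuscorp.example",       # unrelated domain, must not match
]

if __name__ == "__main__":
    for sent, intended in flag_recipients(OUTBOUND, "corp.example", SUBDOMAINS):
        print(f"HOLD {sent}: did you mean {intended}?")
```

The same map of look-alike names can be used as a list of domains to register defensively or to monitor for registration by third parties.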

"Doppelganger domains have a potent impact via email as attackers could gather information such as trade secrets, user names and passwords, and other employee information," wrote the researchers in a paper detailing their work.

According to the researchers, only one of the companies being impersonated discovered the breach.

They said that a clever hacker could forward the messages they receive on to the intended recipient and therefore cover their tracks.

The research also revealed that many addresses resembling corporate sub-domains are owned by individuals in China or linked to sites associated with malware or phishing.
