Researchers discover network of 7,000 typo squatting domains

A network of some 7,000 typo squatting domains is being used by scammers to effectively drive traffic towards their scammy sites, some of which get so much traffic that they managed to enter Alexa’s top 250 list of sites with the largest Web traffic, say Websense researchers.

The typo squatting domains take advantage of the “fat-fingered” visitors of popular websites such as Google, Twitter, Gmail, YouTube, Wikipedia, Victoria’s Secret, Craigslist, and many more, and redirect them to spam survey sites.

From there, the users are taken to sites with spam advertisements and greyware masquerading as free downloads of legitimate software such as movie downloaders.

Websense researchers say that currently these sites are not offering malware for download. “However, if these networks are resold to underground groups, then the potential outcome could be even more damaging than the 0-day exploit security attacks,” they point out.

As things stand now, users are mostly in danger of handing over their private information and other sensitive data when completing the surveys.

“Based on online web site valuation tools such as worthofweb.com, we expect that attackers are pulling in a substantial income from typo squatting campaigns,” say the researchers. One of the destination sites gets over 870,000 visits per day (around 4 million page views), and earns the scammers over $6,000 per day (around $180,000 per month) – certainly nothing to sneeze at.