Spelling mistakes can lead to online security breaches
13 Sep, 2011, 11:59 am IST | by
Padmini Harchandrai
| 
|
If you have a friend with a very complicated email address or even just a name you frequently misspell like mine, you have to be extra careful when typing out their addresses when you send them an email. Researchers have found that cyber thieves create commonly misspelled domains and usernames for email addresses. What this means is when you make a mistake in spelling the name of the intended recipient's email address, it could end up in the inbox of a cyber thief instead of just bouncing back to you. Investigators looking into this have grabbed 20GB from over 1,20,000 wrongly sent emails in the past six months. Of course, some of the intercepted emails contained private information like usernames and passwords, as well as private corporate information.  Make sure email addresses have no spelling mistakes
Usually, it's companies that fall victim to this practice. When a company has one domain for their website and multiple domains for their individual business units, they tend to differentiate between domains with the use of dots. So for instance, a multinational television company in the US would have the email address us.company.com, while in India they might have company.india.com. If a sender messes up the placement of the dots and the order of the words, chances are, the email will end up in the hands of thieves.
Some attackers that are actually clever will go unnoticed by being a middle man. The obvious way such a practice would be caught would be that recipients keep reporting that they're not receiving emails intended for them, but senders aren't getting emails bounced back. A clever thief would actually forward on the email to its intended sender. Of course, this means, that when the recipient hits reply and an email chain starts, that's more information that a thief receives. Mark Stockley wrote on the Sophos security firm's blog, "A determined attacker with a modest budget could easily afford to buy domains covering a vast range of organisations and typos." |
Tags: Security , Privacy , Internet Security , Email , Email addresses , Sophos , Domains
Mixx
Facebook
Twitter
Digg
delicious
reddit
MySpace
StumbleUpon
LinkedIn
Mastermind behind Bredolab botnet sentenced to jail in Armenia
A man who was in command of the botnet, Bredolab, controlling some 30 million computers worldwide, has ...
Trend Micro takes top spot in TechNavio’s global market share report
Prepaid cards for Google Wallet temporarily disabled; Google says it is safe
Trend Micro gets new security solution to the Android platform
New McAfee Mobile Security aims to protect your beloved Android
McAfee announces Application Control software for enterprises
Chrome Beta loads web pages before user completes URL
Diablo III may be selling like hotcakes but do its sales really benefit the PC gaming industry?
Leaked Images, Availability, Pricing,
Specs, Pre-order
YouTube is the most preferred and undoubtedly the most popular video...
Social Gifting: The next hot trend?
Social networks have knitted the world too close, and everything one does
10 must-have Google Chrome extensions
Despite Microsoft’s IE gaining its market share and numerous Mozilla...
Asus announces their Thunderbolt-ready Z77 motherboards
Sayantan Guha Roy
Mon May 28, 17:03:56
Pre-order Nokia 808 PureView in India at Rs.32,000
Suman Saurav Meher
Mon May 28, 16:43:23
Anonymous India releases blocked sites list, plans peaceful protest
'Salil Mahajan
Mon May 28, 15:49:16
_011517074205_160x90.jpg "Epson Stylus Photo R3000")
No Skype, Angry Birds, PES 2012 on Lumia...
Pre-order Nokia 808 PureView in India at...
Windows 8 or Windows RT? How do you decide
Android 4.0 aka ICS tablets available in...
About Us | Site Profile | Tech2 Team | IBNLive News | IBNLive Hindi News | Cricket News | Indian Stock Market | Policy | T & C
Copyright © 2011, Tech2.com India - A Network 18 India Venture
