Typos Could Lead to Security Breaches and Cybertheft

 

Another reason to read, reread and proofread before you hit “send” while emailing: Bad spelling and even just leaving out a single period can mean your messages could end up in the clutches of cyber thieves. The BBC cites a new study by Peter Kim and Garret Gee of the Godai Group which found that about 30 percent of 500 top US companies are “vulnerable” to a security breach because of the way they’ve set up their email systems:

While most have a single domain for their website, many use sub-domains for individual business units, regional offices or foreign subsidiaries.

Dots or full stops are used to separate the words in that sub domain.

For example a large American financial group may take bank.com as its corporate home but internally use us.bank.com for staff email.

Usually, if an address is typed with one of the dots missing, ie usbank.com, then the message is returned to its sender.

But by setting up similar doppelgänger domains, the researchers were able to receive messages that would otherwise be bounced back.

Using these “doppelgänger domains,” cyber thieves can steal “trade secrets, user names and passwords, and other employee information,” the authors of the study write.

Kim and Gee actually created web domains with commonly mistyped names and found themselves receiving emails that would not otherwise have come to them. According to the BBC, “over six months they grabbed 20GB of data made up of 120,000 wrongly sent messages,” with some of those emails containing valuable information in the form of user names, passwords and “details of corporate networks.”

Furthermore, the researchers did follow-up work and found that many addresses which closely resembled corporate domains were owned by individuals in China, or could be traced to websites associated with malware or phishing.

I’m not myself innocent of typos. Kim’s and Gee’s study is a striking reminder that every keystroke counts — and of why we all need to proofread, proofread, put our writing aside for a bit and then proofread again. Someone out there is waiting for us (for you) to make a typing error that could be far more fatal than you think.

 

Related Care2 Coverage

The Religion of Apple

Global Cyberattack By an Asian Nation Uncovered

Study Says Internet Use Affects Our Memory

Photo by SidewaysSarah

17 comments

Marjaana V.
m y5 years ago

the whole thing is bloody annoying. i mean, why do I need a filter to skim off all the garbage that spammers bombard the net with? i'd love to be able to set up a filter of my own: one that bounces back all spam and multiplies itself like a melissa virus before it hits the originators mailbox!

Tom Sullivan
Tom C Sullivan5 years ago

thanks 4 imfo

Carole H.
Carole H5 years ago

_Very interesting thank you. Noted.

Vance Daddi
Vance Daddi5 years ago

Nothing is foolproof...fools are too ingenious.

Nessie Benjamin
Nessie B5 years ago

Scarey!

Bruce K.
Bruce K5 years ago

Let's blame Al Gore he invented it....LOL

HM B.
Past Member 5 years ago

Thanks for this info.

Another reason to fight back when businesses try to force you to pay bills, manage accounts, etc. online vs. traditional mail and secure phone lines. The risks are too high, in my book.

Lynn C.
Lynn C5 years ago

It's getting more and more likely I'll not be using this machine much longer. It's so expensive, first of all, but when it allows invasive inroads to a persons privacy, it's something I can live without.

Debbie Wasko
Past Member 5 years ago

Proofreaders used to be an integral part of the job force when dealing with advertising, etc. Of course that assumes one has been educated properly in the art of spelling, definition, and sentence structure ... questionable at best in our current fast-tracking society. QUALITY ASSURANCE IS DEAD AS A DOORKNOB. Sad.

Drusilla P.
Drusilla P5 years ago

Companies need to hire really good computer programmers (and pay them decently!).
There's got to be something to help.
Typos will *always* happen, so there's a need for some safety net.

Thanks for the post.