email il typosquattin ing
play

Email il Typosquattin ing Janos Szurdi and Nicolas Christin - PowerPoint PPT Presentation

Jul 09, 2023 •226 likes •530 views

Email il Typosquattin ing Janos Szurdi and Nicolas Christin Dictionary ry.com 2 Youtube.com 3 Fourteen Years of f Typosquatting Research 2003 Edelman : first case study on one typosquatter 2006 Wang et al. : detection 2008 Banerjee et

  1. Email il Typosquattin ing Janos Szurdi and Nicolas Christin

  2. Dictionary ry.com 2

  3. Youtube.com 3

  4. Fourteen Years of f Typosquatting Research 2003 Edelman : first case study on one typosquatter 2006 Wang et al. : detection 2008 Banerjee et al. : detection 2009 Chen et al. : detection WEB 2010 Moore and Edelman : monetization 2011 Banerjee et al. : detection 2014 Szurdi et al. : large scale study 2015 Agten et al. : longitudinal study and Khan et al. : quantifying harm to users Miramirkhani et al. : technical support scam 2017 4

  5. Other Applications Using DNS • Email: • SSH: • FTP: • Godai group 2011: white paper on email typosquatting • Vissers et al. 2017: name server typosquatting 5

  6. Agenda 1. Email Typo Mistakes • What are the email typo mistakes users can make? 2. In the shoes of typosquatters • Do users make email typo mistakes frequently? 3. Typosquatting in the wild • Can typosquatters collect emails on a large scale? • How much emails typosquatting domains in the wild receive? 4. In the shoes of the victims • Do typosquatters actually collect emails? 6

  7. Email Typo Mis istakes 7

  8. Receiver Typo mom@gmail.com 8

  9. Reflection Typo typo@gmail.com 9

  10. When Reflection Typos Are Really Bad When mistake affects other users! someone@zohomil.com: we received several • job applications • with CVs containing personal information Several job advertisement copy pasted with the same mistyped address 10

  11. SMTP Typo smtp.gmail.com 11

  12. In In The Shoes of Typosquatters 12

  13. Collection Ethics IRB approved • Took measures beyond IRB requirement Registering typosquatting domains • Potential trademark infringement • On request surrender domains Collecting personal emails • Protect personal information • Keep on secure server • Encrypt emails • Protect privacy • Remove sensitive data • Minimize the number of emails viewed 13

  14. Collection In Infrastructure Virtual Main Registered DNS Private SMTP Collection Servers Server domains “Forwarding” Forwarding outlo0k.com gmaiql.com ho6mail.com smtpverizon.net 14

  15. Emails Header Based Filtering SpamAssassin Spam Filtering Collaborative Spam Filtering Reflection Typo Detection Frequency-based filtering emails Filtered 15

  16. Receiver Typo Emails Collected Infrastructure Down 16

  17. SMTP Typo Emails Collected 17

  18. Not All Typosquatting Domains Are Equal 75% 18

  19. Typosquatting Domain Quality Domain # Emails Is Fat Finger? ohtlook.com 1320 TRUE Factors of profitability outlo0k.com 1170 TRUE outmook.com 324 FALSE ouulook.com 137 FALSE • Popularity of target domain is the most oetlook.com 84 FALSE important ouvlook.com 25 FALSE o7tlook.com 20 TRUE • Keyboard distance ou6look.com 7 TRUE • Conspicuousness hovmail.com 1095 FALSE ho6mail.com 147 TRUE 19

  20. Typosquatting In In The Wil ild 20

  21. In Infrastructure Concentration: Registrants 45% One registrant: 10% of domains 1% 1% 21

  22. In Infrastructure Concentration: Mail Server Records 75% One Mail Server Record: 14% of domains 1% 22

  23. Email Typosquatting Eco-system High SMTP support • Millions of typosquatting domains • 2/3 of typo domains can receive emails Infrastructure serving typosquatting • Average name servers: 4% typosquatting • Bad name servers: up to 89% typosquatting Targeting email protocols • 41 SMTP typos of Alexa top 10k • smtpgmail.com Both privacy protected and typosquatting • smtphotmail.com 23

  24. Ext xtrapolation Model • Based on our previous observations • Features: Popularity, conspicuousness and keyboard distance Extrapolate to • 1211 typosquatting domains • Targeting: gmail.com, hotmail.com, outlook.com, comcast.com, verizon.com Estimate: • 850,000 emails/year received One email costs one penny to collect • Ideal for spear phishing or scam campaigns 24

  25. In In The Shoes of The Victims 25

  26. Honey Email with Honey Token 26

  27. Honey Email with Honey Account 27

  28. Large Scale Test Tested • 50,000 typosquatting domains Domains accepting our emails Domain registration type Percent accepted our emails All 14 % Public registration 4 % Private registration 27 % Sensitive targets • disvover.com, bankofamericqa.com, nuaghtyamerica.com and comcacst.com Emails read • 19 based on our logs 28

  29. Sensitive In Information Test Tested • 7269 domains • previously accepted our email Emails read • 15 based on our logs Sensitive information accessed • Tax document accessed from Caracas Venezuela • Shell account access attempt from Poland 29

  30. Summary ry • Users sent us emails with sensitive data • Typosquatting domains’ profitability depends on • Popularity • Conspicuousness • Keyboard distance • Typosquatters have infrastructure in place to collect emails • One email costs one penny to collect • Exploitation of email typosquatting is not confirmed jszurdi@andrew.cmu.edu 30

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

Relief Email www.REIVault.com Email problem and solution EMAIL OVERLOAD Things falling

Relief Email www.REIVault.com Email problem and solution EMAIL OVERLOAD Things falling

Relief Email www.REIVault.com Email problem and solution EMAIL OVERLOAD Things falling through the cracks You cant use email effectively since its completely unusable for you (so you revert to text or other means of

885 views • 37 slides
ConvertKit Rockstars Week 1 What is email marketing? Email marketing is the act of sending a

ConvertKit Rockstars Week 1 What is email marketing? Email marketing is the act of sending a

ConvertKit Rockstars Week 1 What is email marketing? Email marketing is the act of sending a commercial message, typically to a group of people, using email. In its broadest sense, every email sent to a potential or current customer could be

278 views • 11 slides
Email Marketing Foundations for Success By Nicole Delma Email Marketing - Intro Email Marketing

Email Marketing Foundations for Success By Nicole Delma Email Marketing - Intro Email Marketing

Email Marketing Foundations for Success By Nicole Delma Email Marketing - Intro Email Marketing has been a remarkably powerful lever for marketers since the early days of batch and blast sends. Aware of its power to drive revenue and response,

248 views • 20 slides
Mailfence Reclaim your email privacy A SECURE AND PRIVATE EMAIL Mohammad Salman Nadeem

Mailfence Reclaim your email privacy A SECURE AND PRIVATE EMAIL Mohammad Salman Nadeem

Mailfence Reclaim your email privacy A SECURE AND PRIVATE EMAIL Mohammad Salman Nadeem Information security analyst Mailfence 31 March 2017 Why did email encryption never take off? Why email data needs to be protected? Email

362 views • 10 slides
How to Identify a Phishing Email Brought to you by Information Security Services An email address

How to Identify a Phishing Email Brought to you by Information Security Services An email address

How to Identify a Phishing Email Brought to you by Information Security Services An email address that tries to disguise itself as legitimate A generic greeting An email that demands immediate action CWU warning message indicates the email

268 views • 8 slides
Email Features and Functions What we will cover What is Email What is Gmail Why do we

Email Features and Functions What we will cover What is Email What is Gmail Why do we

Email Features and Functions What we will cover What is Email What is Gmail Why do we have this new account Features of our accounts Hands on Tasks Why use Email? More productive: Comes with an address book, instant

397 views • 23 slides
Elements of Email Quick tips you can use right away to improve the essentials of your email

Elements of Email Quick tips you can use right away to improve the essentials of your email

Elements of Email Quick tips you can use right away to improve the essentials of your email marketing Hygiene Compliance Segmentation Elements of Email Design Content 2 Elements of Email Compliance 3 Risk Management How to navigate

1.43k views • 97 slides
Engaging Email Newsletters Strategy and Tactics Email is one of the biggest opportunities in the

Engaging Email Newsletters Strategy and Tactics Email is one of the biggest opportunities in the

Engaging Email Newsletters Strategy and Tactics Email is one of the biggest opportunities in the digital space and most people arent talking about it. Lets discuss... Why should I invest in email? How do I make emails that

517 views • 35 slides
Chapter 9 Internet Email Page 1 We Shall be Covering ... Internet email Using Ximian

Chapter 9 Internet Email Page 1 We Shall be Covering ... Internet email Using Ximian

Chapter 9 Internet Email Page 1 We Shall be Covering ... Internet email Using Ximian Evolution email Using Mozilla Mail email Page 2 Internet Email Web-based (webmail) or POP3-based Webmail: uses ubiquitous web browser to

498 views • 25 slides
Cloud-based email security and filtering Index 1. Email Challenges in Corporate Environments

Cloud-based email security and filtering Index 1. Email Challenges in Corporate Environments

Cloud-based email security and filtering Index 1. Email Challenges in Corporate Environments Problems Needs 2. The solution: Email Protection What is it? Benefits Features Email Protection 24/06/2015 2 Email Challenges

143 views • 11 slides
EMAIL ACQUISITION STRATEGIES 1 EMAIL ACQUISITION CHALLENGE PROBLEM: TPWD has a small % of

EMAIL ACQUISITION STRATEGIES 1 EMAIL ACQUISITION CHALLENGE PROBLEM: TPWD has a small % of

EMAIL ACQUISITION STRATEGIES 1 EMAIL ACQUISITION CHALLENGE PROBLEM: TPWD has a small % of customer email addresses. SOLUTION: Develop and implement new email acquisition strategies RESULT: Greater reach, greater engagement, greater opportunity

591 views • 46 slides
April 2017 Colin Lewis Agenda Brainwashing: why email is still the number 1 choice! 1.

April 2017 Colin Lewis Agenda Brainwashing: why email is still the number 1 choice! 1.

Email Marketing April 2017 Colin Lewis Agenda Brainwashing: why email is still the number 1 choice! 1. Creating your email strategy: the nuts and bolts 2. Subscriber Experience 3. Tools: software and email clients 4. Privacy 5.

1.52k views • 107 slides
Study Abroad Opportunities Dr Helen Roe Email: h.roe@qub.ac.uk Please email Helen if you have

Study Abroad Opportunities Dr Helen Roe Email: h.roe@qub.ac.uk Please email Helen if you have

Study Abroad Opportunities Dr Helen Roe Email: h.roe@qub.ac.uk Please email Helen if you have any queries about the new student exchange agreement between Carleton Geography & Environmental Studies and School of Natural and Built Environment

295 views • 5 slides
Email is stressful Mark Wilson mark@warkmilson.com Agenda

Email is stressful Mark Wilson mark@warkmilson.com Agenda

Email is stressful Mark Wilson mark@warkmilson.com Agenda My rela:onship with email How to track email data How to mi:gate email stress

668 views • 50 slides
Dovecot: Secure IMAP Email Server February 2, 2006 Why Run An Email Server? Control resource

Dovecot: Secure IMAP Email Server February 2, 2006 Why Run An Email Server? Control resource

NDLUG Dovecot: Secure IMAP Email Server February 2, 2006 Why Run An Email Server? Control resource allocation Limited storage on regular email account (50 megabytes at ND) Unlimited on your own computer Do filtering and sorting

454 views • 8 slides
Electronic Mail Overview Electronic mail History Format of email RFC 822, MIME,

Electronic Mail Overview Electronic mail History Format of email RFC 822, MIME,

Electronic Mail Overview Electronic mail History Format of email RFC 822, MIME, email addresses Sending email SMTP, DNS Retrieving email POP, IMAP, Web-based 2 Flashback to the 70s ARPANET just recently came

437 views • 40 slides
Jabber, E-mail and Beyond Ralph Meijer and Peter Saint-Andre Jabber, E-mail and Beyond p.1/26

Jabber, E-mail and Beyond Ralph Meijer and Peter Saint-Andre Jabber, E-mail and Beyond p.1/26

Jabber, E-mail and Beyond Ralph Meijer and Peter Saint-Andre Jabber, E-mail and Beyond p.1/26 Overview What is Jabber/XMPP? History Architecture Core Protocol Protocol Extensions Where is Jabber? Example

588 views • 26 slides
Project Plan Enhanced Program Guide Authoring Services The Capstone Experience Team Motorola

Project Plan Enhanced Program Guide Authoring Services The Capstone Experience Team Motorola

Project Plan Enhanced Program Guide Authoring Services The Capstone Experience Team Motorola Mobility Alex Boyd Chris Goad Rory Hool Haohan Lin Department of Computer Science and Engineering Michigan State University Spring 2011 From

382 views • 15 slides
Internet Initiative Japan Inc. IR Road Show September 2012 September 2012

Internet Initiative Japan Inc. IR Road Show September 2012 September 2012

Internet Initiative Japan Inc. IR Road Show September 2012 September 2012 http://www.iij.ad.jp/en/ir TSE1:3774 NASDAQ:IIJI Key Investment Highlights y g g Top IP Engineering Company in Japan Shifted from ISP to Total Network

553 views • 38 slides
2013 Fall Blue MEDIA STRATEGY MARKETING COMMITTEE, AUGUST 14, 2013 Evolving Fall Blue

2013 Fall Blue MEDIA STRATEGY MARKETING COMMITTEE, AUGUST 14, 2013 Evolving Fall Blue

2013 Fall Blue MEDIA STRATEGY MARKETING COMMITTEE, AUGUST 14, 2013 Evolving Fall Blue With the 2013 Fall Blue campaign, we will be re- launching the Fall Blue creative concept. Our targets include the following OTMPC

378 views • 33 slides
Cyber Security Awareness Seminar Presented By: Ryan Moore Ohio Cyber Range Institute, University

Cyber Security Awareness Seminar Presented By: Ryan Moore Ohio Cyber Range Institute, University

Cyber Security Awareness Seminar Presented By: Ryan Moore Ohio Cyber Range Institute, University of Cincinnati About This Seminar Designed for everyday cyber citizens Online Webinar 2 hour Presentation 10 Minute break

607 views • 57 slides
2019 Budget Presentation April 18, 2019 THE PROCESS Budget Refresher Budget Requests

2019 Budget Presentation April 18, 2019 THE PROCESS Budget Refresher Budget Requests

Township of Montgomery 2019 Budget Presentation April 18, 2019 THE PROCESS Budget Refresher Budget Requests Department Meetings Budget Committee Assessor Ratables Budget Introduction Advertisement Budget Hearing

895 views • 33 slides
HUGECTR GPU 15 Nov 2019 AGENDA Click-Through Rate

HUGECTR GPU 15 Nov 2019 AGENDA Click-Through Rate

HUGECTR GPU 15 Nov 2019 AGENDA Click-Through Rate Prediction Challenges in CTR Training HugeCTR Introduction 2 CLICK-THROUGH RATE PREDICTION 3 WHAT IS CTR Wikipedia: Click -through rate ( CTR

551 views • 43 slides
CONTENTS Overview 2 Ecocarrier for Social Edification 2 W5GO TM 3-4 TM PizzzAR 5-6 TM

CONTENTS Overview 2 Ecocarrier for Social Edification 2 W5GO TM 3-4 TM PizzzAR 5-6 TM

CONTENTS Overview 2 Ecocarrier for Social Edification 2 W5GO TM 3-4 TM PizzzAR 5-6 TM MRESENCE 7-9 TM View 2 Visit 10 TM PPIXXELLS 11 Definition of industry terms used 12 Strategic partnerships opportunity 12 Please click on

353 views • 14 slides

More recommend