375 research outputs found

    Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse

    Domain squatting is a common adversarial practice where attackers register domain names that are purposefully similar to popular domains. In this work, we study a specific type of domain squatting called "combosquatting," in which attackers register domains that combine a popular trademark with one or more phrases (e.g., betterfacebook[.]com, youtube-live[.]com). We perform the first large-scale, empirical study of combosquatting by analyzing more than 468 billion DNS records, collected from passive and active DNS data sources over almost six years. We find that almost 60% of abusive combosquatting domains live for more than 1,000 days, and even worse, we observe increased activity associated with combosquatting year over year. Moreover, we show that combosquatting is used to perform a spectrum of different types of abuse including phishing, social engineering, affiliate abuse, trademark abuse, and even advanced persistent threats. Our results suggest that combosquatting is a real problem that requires increased scrutiny by the security community. Comment: ACM CCS 1

    Domain Tasting Is Taking Over the Internet as a Result of ICANN’s “Add Grace Period”

    When a domain name is registered, the registrant is given five days to cancel for a full refund. While the purpose of this grace period is to protect those who innocently err in the registration process, speculators have taken advantage of the grace period through a process called domain tasting. These domain tasters register hundreds of thousands of domain names and cancel the vast majority of them within the five-day grace period, keeping only those that may be valuable as placeholder advertising websites or to holders of trademark rights. This iBrief will outline the domain tasting process, analyze why it is a problem, and discuss solutions to the problem. Ultimately, it concludes that the five-day grace period is unnecessary because it serves little, if any, legitimate purpose.

    Typosquatters, The Tactical Fight Being Waged by Corporations, and Congress' Attempt to Fight Back in the Criminal Arena

    Part II of this Note presents an overview of domain names as well as a general overview of cybersquatting and trademarks. Part III analyzes some of the measures Congress has taken against cybersquatting and the case law under those measures. Part IV gives a general overview of typosquatters, who constitute a subgroup of cybersquatters. Part V discusses the TDNA and issues that have been addressed through U.S. v. Zuccarini. Part VI asks whether the TDNA is an unconstitutional restriction on free speech. Part VII questions whether criminal liability is appropriate and argues for a higher culpability standard in § 2252(B)(b) of the TDNA. Finally, Part VIII proposes several options that can be used to circumvent typosquatted websites and examines the future of typosquatting after the U.S. Supreme Court's recent holding in Ashcroft v. American Civil Liberties Union.