Dec 20, 2011 | Cybersecurity Advice, Network Security, Web Filtering
If you have lazy fingers or tend to type a little too quickly, you will no doubt have come across typosquatting and URL hijacking before. These are two techniques used to obtain website visitors by piggybacking on the popularity of big online brands. Typosquatters are people who register domain names that are very similar to a major brand, but contain typos. There is Goole.com and Gooogle.com for instance, or Fcaebook.com, and numerous other variants.
The variants are now much more numerous than they used to be. Many new domains have been registered in recent years by typosquatters. The big brands are unhappy to say the least. They see this as an infringement of copyright and many have filed lawsuits against the owners of the sites to get them taken down. Both Google and Facebook have taken legal action already.
Is typosquatting and URL hijacking harmless?
If someone registers a variant of Facebook they are likely to attract many visitors a day, but are they actually doing any harm? People will realize they have mis-typed and just visit the correct site. No harm done. However, that is not always the case with typosquatting and URL hijacking.
The websites usually contain adverts and the owners of the sites make money from displaying them, and even more if the adverts are clicked. Is that taking money away from the big brands? Apparently it is, and we are not talking cents here. According to a study conducted in 2010 by the Washington DC-based Internet consulting company Fair Winds Partners, this form of URL hijacking costs the owners of the legitimate sites around $285 million per year in lost advertising revenues, lost sales, and other expenses.
Recently, some of the fake websites have been used by cybercriminals for phishing campaigns, and many contain malware. The ad networks used on the sites can contain links to malware-infected websites, and a number of criminals have used the sites and the huge traffic volume they receive to launch fake competitions. The information gathered from entrants is used for spear phishing campaigns. The winners of the competitions (everyone who enters) is sent a link to claim their prize or an attachment to open. The aim is to get them to install malware or reveal their bank account details.
Ad Networks make the practice of typosquatting and URL hijacking very profitable
Typosquatters are able to make money from URL hijacking by using ad networks, and there are plenty to choose from. Some are choosy about the sites that they accept to be part of their network, others less so. Some of those ad networks do not vet the placers of adverts very carefully, allowing cybercriminals to place ads that are syndicated across thousands of websites. When the adverts are clicked, they direct the visitor to a malware-infected website or a phishing site.
A simple typo made when attempting to visit a website can start a chain of events that leads to a computer, or the network it connects to, being infected with malware. This can result in criminals gaining access to sensitive data.
With Christmas fast approaching, the sites are now being used to show Christmas special offers. After that they will show cut price deals during the January sales. Careless typists are likely to see a lot of adverts, and may even click on a few. That could prove to be a very expensive mistake.
Typos will always be made from time to time, and that means there will always be a risk that employees will accidentally visit these malicious websites.
Web filters can be used to block access to the typosquatters websites, and web filtering solutions such as WebTitan can stop malicious adverts from being displayed. It may not be possible to make workers type more carefully 100% of the time, but a web filter will ensure that a company is properly protected should a typo be made.
Dec 5, 2011 | Cybersecurity Advice, Email & Web Spam
Email is a drain of productivity for many companies. Employees spend an extraordinary amount of time sending and receiving work emails, sifting through spam, and sending personal messages to friends and family. Ban the use of email and you could see a major increase in productivity, but is it actually possible to stop using email at work without that decision negatively impacting the business? The CEO of Atos believes it is. The decision has been taken to ditch email by 2012. Totally. Atos is not a small company either. It employs 50,000 people.
Atos will be going ‘Old School’. Instead of email, employees will pick up the telephone and speak to people. They will also stand up, walk over to their colleagues, and talk to them rather than fire a quick email. Electronic communication will not be abandoned entirely, as the company will use collaboration tools such as instant messaging programs. They will not be sending messages via email, but chatting to each other using instant messaging instead.
If employees stop using email at work, they will be more productive. Well, that is the theory at least. CEO Thierry Breton believes this to be the case. In fact, if you are waiting for a response to an email that you sent him, you will be waiting a long time. According to The Daily Telegraph, he has not sent a corporate email in three years!
Stop using email at work – It kills productivity!
Many employers wish they could stop using email at work. A huge amount of time is wasted dealing with email. Email is used for everything, even communications that are not best suited to the system.
The majority of email volume is taken up with spam, and even finding a genuine email can be difficult at times. With a powerful anti-spam solution installed, spam and other productivity-killing bulk email can be filtered out. However, time will still be wasted.
A short email is often an ideal way to communicate, but drafting long, complicated emails to convey difficult concepts (or send extensive amounts of data) is perhaps not wise. A face to face meeting or conference call may be better. Many workers resort to email when they really should choose another method of communication.
Banning the use of email entirely is perhaps going a little over the top, but you should consider reducing the volume of emails that are sent. Stop the use of email in certain situations and you will be able to improve the productivity of your workforce and eliminate a lot of wasted time.
Stop using email at work when you need to…
Find out something quickly or get a quick yes or no – Pick up the phone and stop wasting time waiting for a response
Send or receive confidential or sensitive data – If you don’t have encrypted email, you should not be sending information via the email network. Use secure cloud services for example.
Send complex information or instructions – Long emails are not read carefully. People tend to skim read. Essential information can be missed. Audio visual presentations, or other face to face communication methods, are usually preferable.
Conduct staff training – You can send reminders or virus warnings, but all training should be conducted face to face. Otherwise you will not easily be able to find out if information has been taken in and understood.
Communicate when you are very annoyed or upset – It is tempting to type out your emotions and rant via email. You can very easily let your emotions get the better of you and not only do something you will later regret, you will waste both your time and that of other people. E-rage can also seriously damage your career prospects.
Start using other methods of communication
You may hate social media, but there are benefits over email. Sometimes a Tweet may be a better way of getting a message out to a large number of people. Instant messaging services have numerous benefits. They do, after all, promote conversation.
Use of the telephone has reduced, but it is often much more productive to actually speak to someone. Face to face communication is still the best way to communicate in many cases, and thanks to VOIP it is possible to have face to face conversations with people in satellite offices.
Email cannot be eliminated. It is better for many business tasks. Sending quotes to customers for example. Instant messenger cannot be used for that.
If you want to improve productivity, don’t stop using email at work. Just restrict email use, and use other methods of communication when it is more appropriate to do so.
Could you stop using email at work? Could you improve productivity by reducing email usage?