We use cookies to provide you with a better experience. If you continue to use this site, we'll assume you're happy with this. Alternatively, click here to find out how to manage these cookies

hide cookie message
80,258 News Articles

Misspelt emails could end up in the hands of hackers

Researchers intercept 120,000 emails in six months through doppelganger domains

Web users that accidentally spell an email address wrong may see their messages end up in the hand of cybercriminals, say security researchers.

Peter Kim and Garret Gee of the Godai Group created a number of web domains that featured commonly misspelt names or those that were missing a dot in specific places, known as doppelganger domains.

Over six months the pair got their hands on 120,000 emails that featured these common misspellings. Had the doppelganger domains not existed the messages, which equated to 20GB of data, would have been returned to the originally sender. However because these misspelt domains existed, the emails were delivered. Kim and Gee revealed that many of these messages contained user names, passwords, and even details of corporate networks.

"Doppelganger domains have a potent impact via email as attackers could gather information such as trade secrets, user names and passwords, and other employee information," the pair said in a paper about the research.

Worryingly, just one of the firms involved noticed what was going on and tracked down the researchers. The pair believe some 30 percent of the top 500 US firm are vulnerable to this type of attack.

Furthermore, hackers could forward on the original emails they received, featuring a bogus return addresses that would enable the hacker to see the entire email conversation, a process which is known as a Man in the Middle attack.

Mark Stockley from security firm Sophos warned web users to encrypt and password protect sensitive data "so that if it does end up in the wrong hands it can't be used".

"Organisations can also prevent emails being sent to specific misspelled domains through their DNS or mail server configurations. Of course this approach won't prevent people outside your organisation from misspelling your domains," he said in a blog.

"It's striking that the researchers managed to capture so much information by focusing on just one common mistake."

IDG UK Sites

LG G4 launch live! LG G4 launch live blog - What to expect from the LG G4 launch, LG G4 launch...

IDG UK Sites

Apple Watch release day: Twitter reacts

IDG UK Sites

QuarkXPress 2015 released: the DTP tool gets a speed boost and long-document tools

IDG UK Sites

Apple Watch buying guide, price list & where to buy today: Which Apple Watch model, size, material,?......