Misspelt emails could end up in the hands of hackers

Researchers intercept 120,000 emails in six months through doppelganger domains

Web users who accidentally misspell an email address may see their messages end up in the hands of cybercriminals, say security researchers.

Peter Kim and Garret Gee of the Godai Group created a number of web domains that featured commonly misspelt names or those that were missing a dot in specific places, known as doppelganger domains.

Over six months the pair got their hands on 120,000 emails that featured these common misspellings. Had the doppelganger domains not existed, the messages, which equated to 20GB of data, would have been returned to the original sender. However, because these misspelt domains existed, the emails were delivered. Kim and Gee revealed that many of these messages contained user names, passwords, and even details of corporate networks.

"Doppelganger domains have a potent impact via email as attackers could gather information such as trade secrets, user names and passwords, and other employee information," the pair said in a paper about the research.

Worryingly, just one of the firms involved noticed what was going on and tracked down the researchers. The pair believe some 30 percent of the top 500 US firms are vulnerable to this type of attack.

Furthermore, hackers could forward on the original emails they received with a bogus return address, which would enable the hacker to see the entire email conversation, a process known as a man-in-the-middle attack.

Mark Stockley from security firm Sophos warned web users to encrypt and password protect sensitive data "so that if it does end up in the wrong hands it can't be used".

"Organisations can also prevent emails being sent to specific misspelled domains through their DNS or mail server configurations. Of course this approach won't prevent people outside your organisation from misspelling your domains," he said in a blog.

"It's striking that the researchers managed to capture so much information by focusing on just one common mistake."

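A defender-side sketch of the missing-dot case described above, added here as an example and not taken from the researchers' paper or from Sophos: it derives the doppelganger domain for each of an organisation's own subdomains and flags outbound recipients addressed to one, which gives the list of domains to block at the mail server. The domain example.com, the host list and the addresses are constructed, and the function names are hypothetical.

```python
def lookalike_for(host, org_domain):
    """Return the registrable domain produced when the dot between the last
    subdomain label and org_domain is dropped, or None if host is not a
    subdomain of org_domain."""
    host = host.strip().rstrip(".").lower()
    org = org_domain.strip().rstrip(".").lower()
    suffix = "." + org
    if not host.endswith(suffix):
        return None
    last_label = host[: -len(suffix)].split(".")[-1]
    if not last_label:
        return None  # malformed name such as ".example.com"
    # uk.corp.example.com -> corpexample.com, a name outside the org's control
    return last_label + org


def build_blocklist(hosts, org_domain):
    """Map each missing-dot lookalike to the legitimate host it imitates."""
    blocklist = {}
    for host in hosts:
        lookalike = lookalike_for(host, org_domain)
        if lookalike:
            blocklist[lookalike] = host.strip().rstrip(".").lower()
    return blocklist


def flag_recipients(addresses, blocklist):
    """Return (address, intended_host) for every recipient whose domain is a
    lookalike or sits beneath one."""
    hits = []
    for addr in addresses:
        local, sep, domain = addr.rpartition("@")
        if not sep or not local:
            continue  # not an email address
        domain = domain.strip().rstrip(".").lower()
        for lookalike, intended in blocklist.items():
            if domain == lookalike or domain.endswith("." + lookalike):
                hits.append((addr, intended))
                break
    return hits


# Constructed sample data (not from the article).
ORG = "example.com"
HOSTS = ["mail.example.com", "uk.corp.example.com", "example.com"]
OUTBOUND = ["alice@mail.example.com", "bob@mailexample.com",
            "carol@UK.corpexample.com", "dave@example.org", "not-an-address"]

if __name__ == "__main__":
    for addr, intended in flag_recipients(OUTBOUND, build_blocklist(HOSTS, ORG)):
        print(f"hold: {addr} (did the sender mean {intended}?)")
```

The keys of the blocklist are the names to refuse or hold in the outbound mail path; as the article notes, this does nothing for senders outside the organisation.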
