Hello, welcome to the Monday, May 22nd, 2017 edition of the Sandton and Storm Center's Stormcast. My name is Johannes Ulrich, Enterdam, recording from Jacksonville, Florida.

Well, typo squatting is nothing really fundamentally new. Xavier has a nice recent example here that makes a good awareness piece for DHL.

DHL, the packet delivery service, of course, is often the subject of malicious fishing attempts

where they are trying to make you open a shipping receipt.

In this particular case, they used DHL with www.com.

Now, by the time, Xavier looked at the domain, DHL had already taken it over.

But of course, it's just a matter of time for someone to come up with another variation,

replacing else with ones and the like.

Saville is also talking about a neat tool that you can use to find typo-squadding domains.

DNS Twist.

DNS Twist will not only try sort of look-alike domains, it will also then tell you what is the name server for them so you can find

possible typo squatting lookalike domains that are trying to impersonate your brand.

And then of course, what do you do with these typo squatting domains? Well, you probably shouldn't

ask Xavier pointed out, put it just to a DNS parking site,

but instead use it to educate users that this is not the correct spelling for your company name,

and to be careful with typos like that.

And since you're not going to use this domain for any legitimate outbound email, you can

then also set up SPF settings identifying this domain as a domain that will not be used

for any outbound email, which will make it easier for others to then filter email that's

trying to impersonate or use this particular domain.

And Netgear about a week ago released a new firmware, something you should definitely

consider applying given that of course it fixes like always a number of serious bugs.

...