What Every CISO Should Do to Fight Typosquat Attacks


Microsoft recently secured a court order to take down ‘homoglyph’ domains that impersonate one of their brands. In a statement released on July 19, the company said that these imposter domains were targeting Office 365 customers. This court order is a huge win, not just for Microsoft but for the entire cybersecurity industry.

In this blog, we will look at what homoglyph domains are and how they relate to the problem of typosquatting, before jumping into how you can protect your brand from these attacks.

What are homoglyph domains?

Homoglyph domains look very similar to the brand’s legitimate domain and are hard to tell apart. For example, Bolster’s legitimate domain is bolster[.]ai. If we replace the ‘o’ with ‘0’ (zero), it is very hard to spot the difference. Similarly, we can generate any number of combinations.

Legitimate Domain: bolster[.]ai
Replacing ‘o’ with the number zero: b0lster[.]ai
Replacing ‘o’ with ‘ò’:…
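
A defender-side check for the substitutions listed above, as an added example that is not from the original post: it reduces each observed domain to a "skeleton" (punycode decoded, accents stripped, look-alike characters mapped to one letter) and flags domains that differ from the brand but share its skeleton. The look-alike table, the function names, and the sample feed are constructed assumptions.

```python
import unicodedata

# Constructed, deliberately small look-alike table (assumption). A production
# check would load the full Unicode confusables data (UTS #39).
CONFUSABLES = {"0": "o", "1": "l", "\u043e": "o", "\u0430": "a", "\u0435": "e"}

def to_unicode(domain):
    """Refang, lowercase, and decode punycode (xn--) labels to their visual form."""
    labels = []
    for label in domain.replace("[.]", ".").lower().rstrip(".").split("."):
        if label.startswith("xn--"):
            try:
                label = label.encode("ascii").decode("idna")
            except UnicodeError:
                pass  # keep undecodable labels unchanged
        labels.append(label)
    return ".".join(labels)

def skeleton(domain):
    """Strip accents and map look-alike characters to one canonical letter."""
    text = unicodedata.normalize("NFKD", to_unicode(domain))
    text = "".join(c for c in text if not unicodedata.combining(c))
    return "".join(CONFUSABLES.get(c, c) for c in text)

def find_homoglyphs(brand, observed):
    """Return observed domains that differ from brand but share its skeleton."""
    target, exact = skeleton(brand), to_unicode(brand)
    return [d for d in observed if to_unicode(d) != exact and skeleton(d) == target]

# Constructed sample feed, e.g. newly registered domains (not real data).
PUNY = "b\u00f2lster.ai".encode("idna").decode("ascii")  # xn-- form of the accented variant
SAMPLE = ["bolster[.]ai", "b0lster[.]ai", PUNY, "b\u043elster[.]ai",
          "bolster[.]example", "example[.]org"]

if __name__ == "__main__":
    for hit in find_homoglyphs("bolster[.]ai", SAMPLE):
        print("possible homoglyph:", hit, "->", to_unicode(hit))
```

The accented variant normally appears in DNS and certificate logs in its `xn--` punycode form, which is why the check decodes labels before comparing.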

