Bad actors move fast. And while they’re increasingly more sophisticated, many of their tricks and tactics start right underneath your nose, beginning with your Internet domain and typosquatting techniques. Typosquatting can be extremely insidious, ensnaring your unsuspecting prospects and customers and wreaking havoc on your business. To make matters worse, between all the different typosquatting techniques (hyphenations, insertions, character swaps, vowel swaps, etc.) and the plethora of top-level-domains (TLDs), the advantage clearly favors the bad actors.
For enterprises, the typosquatting problem can very easily become a runaway train scenario. The sheer volume of typosquatting variants can quickly sap a team’s domain acquisition budget and overwhelm a team’s ability to detect, monitor and remediate malicious conditions. A simple 6-letter domain can have as many as 12,000 typosquatting variants! Sifting through all these combinations on a daily basis will bring almost any sized security team to its knees.
Figure 1: Acquiring typosquatting variants can quickly outpace acquisition budgets
Defensive Domain Analysis & Acquisition with Bolster
At Bolster, we offer an innovative solution leveraging our AI engine to combine defensive domain acquisition with domain risk protection. With the solution customers can tap into Bolster AI to identify unregistered high-risk typosquatting variants and purchase them before bad actors do. Of course, the scope of purchases is dictated by customer budgets, but Bolster AI helps tremendously to stretch investments. In a recent case, we helped a customer reduce expenses by as much as 90% vs. brute-force purchasing while focusing investments where risk is greatest.
As illustrated in Figure 2 below, Bolster Domain Acquisition targets low-cost typosquatting variants that based on our AI are deemed highly-desirable for bad actors to launch attacks. Purchasing these domains eliminates the risk and helps to shrink your overall Internet Attack Surface at the same time. For the remaining typosquatting domains, including high-risk registered domains, low-risk registered domains and low-risk unregistered domains, Bolster will monitor all conditions its Domain Risk Management service. Any changes to these domains, or signs of weaponization, will be detected in real-time, and remediation steps taken, including auto-takedowns in as little as 2 minutes, as needed.
Figure 2: Bolster Domain Acquisition plus Domain Risk Management provides total protection
Start playing defense today with Bolster!
To get started, request a FREE , no obligation, Domain Acquisition Analysis. We’ll scan 3,000+ top-level domains globally to determine typosquatting variants that are available for purchase and the associated costs to acquire them. Next, we’ll help you adopt an acquisition strategy to help reduce your Internet Attack Surface. Simply input your budget into your own custom domain acquisition dashboard and you’ll instantly see all your purchasing options, by overall risk level, by top-level domain, and by geography. Our customers are continually amazed by the level of visibility, available actions, and rapid scenario planning inherent in the platform.
For domains already registered by potential bad actors and for domains left unpurchased, we’ll set up an online real-time monitoring dashboard with full visibility and interactivity. You’ll be able to easily identify active TLD, look-alike and typosquat variants, prioritize them based on threat level, and monitor them for changes. What’s more, you’ll be able to detect new registrations and monitor each for weaponization over time. All of this will allow you to get ahead of threatening conditions, taking critical remediation action, including automated takedowns, before attacks occur.
Start playing defense today!
To learn more about domain monitoring, read our whitepaper: Guide to Domain Monitoring and Remediation
Request your free Domain Acquisition Analysis
Learn more about Bolster Domain Protection solutions.