It's interesting to see ICANN - the Internet Corporation for Assigned Names and Numbers - finally getting around to condemning the practice of redirecting Internet users to a third-party Web site or portal when they misspell a Web address and type a domain name that does not exist.
This practice has been going on with a number of ISPs since the first Web browsers started appearing in the mid-to-late-1990s.
The ISP reroutes weren't malicious, however, but merely tried to be helpful - with a little bit of sponsorship thrown in for good measure.
But the practice of rogue companies registering slight mispells of major sites has been going on since the early part of this decade - and it’s getting worse, with criminals using these sites, which are usually registered for a few dollars, as launchpads for malware infections.
The problem has been compounded with some DNS (Domain Name System) requests for non-existent domains being bounced by with the IP (Internet Protocol) address of another domain, a process known as NXDOMAIN substitution.
The target address is often a Web portal or information site, but it's also possible to end up on a malware-infected site if you aren't paying attention.
But it gets worse, as handling DNS requests this way has a number drawbacks that could lead to the Internet not working properly, says ICANN.
As an example, users sending e-mail to a domain that does not exist should get an immediate error message. However, if the message is redirected to a site set up to handle Web traffic, it's likely to get queued and an error message won't arrive for days.
In addition, users will get longer response times if the site to which they're supposed to be redirected goes down.
And here's the bad news - redirection sites are prime targets for attacks by hackers that want to send users to their own servers.
Here at Finjan we've been researching threats like this for years but as we've said before, the best defence against DNS routing issues is to use our SecureBrowser add-in for Internet Explorer and Mozilla Firefox.
This simple add-in will tell you when the Web site you're headed towards is potentially iffy. It won't stop you from going to the site, but it will act as your guardian angel.
And with Christmas shopping getting under way in earnest in the coming days, that's no bad thing.
Subscribe