I'm out of the office, so please read this spam

September 22, 2011 By PETER SVENSSON , AP Technology Writer

(AP) -- If you're prone to mistyping email addresses, here's a new thing to worry about: you could be a target for spammers trying to sell you a dream vacation or a diet product by pretending to be one of your friends or colleagues.

In a clever twist on spam, some websites with names that are confusingly similar to legitimate sites have been set up to reply to any sent to them. The responses are framed as out-of-office replies, but sneak in mentions of a new product or service you should try.

Here's a real-life example of how it works: An Associated Press reporter accidentally sent a message to a "verizonwireless.co" address instead of the proper ".com" and got this response, ostensibly from his contact "tom":

"I am out of office right now on a my (sic) dream vacation and will get back to you when I return. If you don't hear from me, my assistant should contact you shortly. You should check this site to see how I scored the best travel deal for my trip."

That's followed by a link to a site that advertises luxury resorts. Presumably, the owner of verizonwireless.co makes money when someone clicks through to any of the resort sites.

Only a handful of sites were set up to produce the autoreplies tracked by the AP, and they stopped after the AP's inquiries. But there are hundreds of thousands of sites out there that could be set up to reply to Mr. and Mrs. Butterfingers, with names that are slight variations of major sites - like "yaoo" instead of "yahoo." They've been registered by so-called "typo-squatters," whose goal is to make money from advertising as people accidentally visit the sites after mistyping an address in their Web browser.

If more typo-squatting sites start autoreplying, that could be particular problem for Internet mailing lists. If a participant mistypes his or her address when joining a mailing list, every message to the list could get a response from a typo-squatter. This infestation is already apparent on a few Internet mailing lists, including one about Django, a free software package, and one for Communist University, a group based in Johannesburg, South Africa.

Tom Pica, a spokesman for Verizon Wireless, said the company's legal department is looking at the matter and intends to pursue the owner of "verizonwireless.co." Patrick Flaherty, a lawyer for Verizon, said the company will probably try to seize the domain name through legal action.

It's unclear who owns verizonwireless.co and the page with the links. Their address registration data is masked.

Verizon Communications Inc., which controls Verizon Wireless, has gone after typo-squatters before. In 2008 it won a $33.1 million judgment against OnlineNIC, a San Francisco-based company that according to Verizon had registered 663 domain names like "myverizionwireless.com."

The phone number given in the spam messages goes to the online fax account of a real-estate broker in Honolulu. She said she first learned the number was included in the spam when asked by an AP reporter.

The mailing address in the spam goes to an apartment building in Encino, Calif. The messages don't include an apartment number.

Internet searches revealed that at least two other typo-squatting sites have produced auto-replies: yaoo.es and livingdeadolls.com. One response from the latter site said "I'm on sick leave because of some news from my Dr., please check out this diet product he recommended."

According to registration data, yaoo.es is owned by Tomasz Kurlenko of Poland. Reached by phone, Kurlenko said he had no control over the site, which like the other two sites is managed by Bodis.com.

Bodis.com is a "domain parking service," that manages sites for owners. It puts up ads on the sites and gives owners a share of advertising revenue if surfers stumble onto them. The company is run by Matt Wegrzyn of New York. Reached by phone, he said the auto-reply service is provided by AdMedia, a Los Angeles-based company. Wegrzyn said he wasn't happy with the money the service provided, and that he was considering shutting down auto-replies for Bodis sites. The sites stopped auto-replying to messages after the AP reached him.

AdMedia didn't reply to a request for comment.

Tyler Moore, a fellow at Harvard University, and Benjamin Edelman, an assistant professor at the Harvard Business School, estimated last year that nearly 1 million typo-squatting domains, like faceboop.com, gootle.com and wamlart.com shadow the top 3,264 dot-com sites. That's almost 300 typo sites for every legit one.

Moore said he had never heard of typo-squatters sending fake out-of-office replies, but said it makes sense for them.

"Since squatters have already registered the domain, they quite cleverly are converting any human interaction with the domain into an advertising opportunity," he said.

Unwanted out-of-office spam isn't the only reason to be careful about typing email addresses. A small security firm recently reported setting up 30 Web addresses, with names similar to those of major corporations, and saving every email that came in over six months. The firm, Godai Group, ended up with 120,000 emails, with contents that included trade secrets and network usernames and passwords.

Explore further: Domain registry on the rise


Related Stories

Domain registry on the rise

April 27, 2006

Internet domain names may become as ubiquitous as Social Security numbers one day, according to Dotster Inc.

Another US Internet company pulls back in China

March 24, 2010

(AP) -- Two U.S. companies that sell Internet addresses to Web sites said Wednesday they had stopped registering new domain names in China because the Chinese government has begun demanding pictures and other identification ...

Tips for Staying Safe on the Internet

November 3, 2005

Dan Barker, the co-owner of Strategic Data Integration in Hillsborough, N.C., and an editor of “Certified Internet Webmaster Foundations for Dummies,” teaches the Duke Continuing Studies course "PC Threats: Spam, Scams ...

Researchers flag phony domains in e-mail security study

September 11, 2011

(PhysOrg.com) -- A paper released this week shows how an e-mail scoffing technique picks up personal employee information, company secrets and passwords almost effortlessly with just the setting up of domain and e-mail server. ...

Domain Names Can Leave Net Users in Tangled Web, Study Finds

August 16, 2006

In a world of e-mail spam and Internet scams, it’s often difficult to discern fact from fiction in cyberspace. Some Internet users can’t distinguish a real Web site from a fake one based on its domain name, and some users ...

Mozilla resists request to remove Firefox tool

May 6, 2011

Mozilla, the non-profit developer of the Firefox Web browser, is holding off on complying with a government request to remove a software tool meant to circumvent federal efforts at curbing Internet piracy.

Recommended for you


Please sign in to add a comment. Registration is free, and takes less than a minute. Read more

Click here to reset your password.
Sign in to get notified via email when new comments are made.