Last Updated on July 9, 2017 by Dave Farquhar
I lost an afternoon troubleshooting a Websense non-issue. A web site related to Salesforce wasn’t working, and any time something like that happens, Websense goes on trial. About all I can do is make sure it’s a fair trial. Such is the life of a proxy administrator. And in this case, Websense was innocent–the guilty party was a dirty, no-good domain squatter. It’s a business model. And people wouldn’t do it if it didn’t work. Here’s why domain squatting works.
Registering a domain only costs a few dollars these days. So the model goes like this: Find a domain that people are bound to mistype. Then register the typo. Fill it up with ads, then wait for traffic to pour in. A legitimate web site makes a couple of dollars for every 1,000 hits. Google won’t let you run AdSense on a site like that. But all the squatter has to do is find an ad network that doesn’t care. If it pays less, just settle for less. Even at 50 cents per 1,000 hits, it doesn’t take long to make the registration and hosting fees back.
The end game, of course, is for the legitimate owner of the domain to get fed up and buy the domain and redirect it to theirs. Of course the price will have four or five digits to the left of the decimal point.
Repeat a few hundred times, and you’ve got a business model.
So isn’t it illegal? The legitimate business owner could go after the domain squatter for trademark infringement. But the amount of money it takes for a domain squatter to make a living is a much smaller thing than the amount of money that justifies a large company getting a legal team involved. It’s probably cheaper for the company to buy the domain than it is to sue. But buying the domain encourages the bad behavior, creating a bit of a dilemma. See the mess here?
Security teams get involved because all too often these sites end up serving up malware. So proxy servers like Websense and Blue Coat block them to lessen the odds of malware getting onto corporate networks.
And since they’re blocking something bad and people frequently don’t read the error message, the proxy server unfairly takes the blame. But we put up with it to keep worse things from happening.
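A triage check a proxy administrator could run when a site "isn't working", as an added example rather than code from the original post: it flags requested hostnames that are within a couple of typos of a domain the business relies on. The domain names, the log format and the two-label `registrable()` shortcut are assumptions constructed for illustration.

```python
import re

# Assumption: domains the business actually relies on (hypothetical names).
KNOWN_GOOD = {"acmecrm.example", "acmemail.example"}

# Constructed proxy log lines: timestamp, user, verdict, URL.
SAMPLE_LOG = """\
2017-07-09T13:02:11 jdoe ALLOWED https://login.acmecrm.example/home
2017-07-09T13:02:40 jdoe BLOCKED http://acmecmr.example/login
2017-07-09T13:05:03 asmith BLOCKED http://www.acmcrm.example:8080/
2017-07-09T13:06:17 asmith ALLOWED https://intranet.example/wiki
"""

def edit_distance(a, b):
    """Edits (insert, delete, substitute, swap adjacent) to turn a into b."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = a[i - 1] != b[j - 1]
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            # Swapped neighbours ("cmr" for "crm") count as one typo.
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[-1][-1]

def registrable(host):
    """Last two labels; a real tool would consult the Public Suffix List."""
    return ".".join(host.lower().rstrip(".").split(".")[-2:])

def lookalike_of(host, max_dist=2):
    """Return the known-good domain this host is a near miss of, else None."""
    dom = registrable(host)
    if dom in KNOWN_GOOD:
        return None  # exact match: the real site, not a typo
    best = min(KNOWN_GOOD, key=lambda good: edit_distance(dom, good))
    return best if edit_distance(dom, best) <= max_dist else None

def triage(log):
    """List (requested host, probable intended domain) for near-miss requests."""
    hits = []
    for line in log.splitlines():
        m = re.search(r"https?://([^/\s:]+)", line)
        target = lookalike_of(m.group(1)) if m else None
        if target:
            hits.append((m.group(1), target))
    return hits
```

Calling `triage(SAMPLE_LOG)` returns the two near-miss hosts paired with the domain the user most likely meant, which is the evidence to show whoever is blaming the proxy.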
David Farquhar is a computer security professional, entrepreneur, and author. He started his career as a part-time computer technician in 1994, worked his way up to system administrator by 1997, and has specialized in vulnerability management since 2013. He invests in real estate on the side and his hobbies include O gauge trains, baseball cards, and retro computers and video games. A University of Missouri graduate, he holds CISSP and Security+ certifications. He lives in St. Louis with his family.