One of the malicious domains, they discovered some which had formerly been registered by legitimate companies which in fact had combined words using their trademarks. For whatever reason, individuals companies allowed the registrations to lapse, allowing the trademark-that contains domains – which once brought to legitimate sites – to become absorbed by combosquatting attackers.
Georgia Institute of Technology
177 North Avenue
Atlanta, Georgia 30332-0181 USA
Oftentimes, malicious domains were re-registered multiple occasions once they had expired, suggesting a noticable difference in “internet hygiene” may be required to deal with this threat.
Click image to enlarge
CITATION: Panagiotis Kintis, et al., “Hiding in Plain Sight: A Longitudinal Study of Combosquatting Abuse,” (2017 ACM Conference on Computer and Communications Security). https://arxiv.org/abs/1708.08519