N.S. failing to protect against 'typosquatting,' doppelganger websites, says analyst

CBC

October 25, 2021 at 5:00 a.m.·5 min read

An IT security analyst in Halifax says the provincial government is failing to protect Nova Scotians from potential online impostors who steal personal information with lookalike websites.

So for $20, Logan Atwood registered the web address "govns.ca" so it can't be used in so-called "typosquatting" attacks.

"Working in the industry, I realized just how many bad things that domain could be used for," Logan said.

Typosquatting is the practice of buying web addresses that are nearly identical to popular websites.

If anyone makes the right typing mistake, web traffic flows to a different host, which can be harnessed for advertising purposes.

But a bigger risk is posed by "doppelganger" websites, which are identical to official websites but minus a "." in the address.

"This is a special class of attack, even beyond typosquats," he said.

Tool for identity theft

Logan says doppelganger websites can be used to fool people into giving up sensitive personal information.

"Someone could create an email campaign looking to steal identities. And just tell people, "Hey, click here to receive your updated vaccine QR code." And have people put in their name, address, health card and just see how much information that would be able to get from them," Logan said.

"There could also be the potential to cause havoc and chaos with interprovincial relations, because you'd be able to send email that most people would actually think is coming from an elected official," Logan said.

"And you could be sending that to another province, the federal government, potentially even other countries," he said.

It could also be a way to sneak around proof of vaccination.

"Someone could purchase these domains and put up a fake vaccine QR code verifier, put up a website to allow generating these fake documents," he said

Logan says controlling provincial doppelganger websites is key to preventing these risks.

"It's generally considered a best practice, especially when you're looking at government, where they have a duty and responsibility to their citizens," Logan said.

Old version of N.S. address

Since October of 2018, the province has been transitioning from its old web address, "gov.ns.ca" to "novascotia.ca".

But the old address still looms large in the minds of internet users.

Logan surveyed his IT security colleagues to see if they'd catch the difference between "gov.ns.ca" and "govns.ca".

"They all told me that they wouldn't have noticed that in the email header," Logan said.

"So the very people that are supposed to be able to catch this sort of thing in their own personal lives told me that, yeah, they would have missed this," he said.

Provincial government unconcerned

Communications Nova Scotia is in charge of maintaining the province's web presence.

"The primary domains we use are novascotia.ca (current) and gov.ns.ca (legacy)," said spokesperson Chrissy Matheson.

"We only register domains we use or could use in the future.… We do not register domains that could represent typos and misspellings of our registered domains," she said.

"This practice could be costly for taxpayers and could unintentionally give legitimacy to lookalike domains," Matheson said.

"If a website misrepresents itself as a government property (by using the government logo, for example), CNS can take legal steps to have that website taken down. This has not been a big issue for the Nova Scotia Government," she said.

Major issue for the feds

Meanwhile, the federal Communications Security Establishment (CSE) has an active campaign to fight typosquatters and other scammers who try to impersonate federal institutions.

"Since March 2020, the Cyber Centre's work has contributed to the removal of over 10,000 fraudulent sites or e-mail addresses, including web sites impersonating the Government of Canada," said CSE spokesperson Evan Koronewski.

"CSE has helped identify and remove malicious websites pretending to be the Canada Border Services Agency, Public Health Agency, and the Canada Revenue Agency," Koronewski said.

Koronewski says COVID-19 has triggered a surge in government website impersonation.

"This work continues each and every day as we identify and remove more fraudulent domains impersonating the Government of Canada for any reason," he said.

Provincial risk goes beyond Nova Scotia

Attwood says Nova Scotia isn't the only province neglecting doppelganger websites.

He's registered lookalike sites for Manitoba govmb.ca, Quebec govqc.ca, Saskatchewan govsk.ca and the Yukon govyk.ca.

He also registered lookalikes for New Brunswick in both English and French, befitting the province's bilingual status.

"With New Brunswick, they had both 'gov' and 'gouvnb' available," he said.

Alarmingly, a doppelganger for the former Alberta website is already gone.

"There is govab.ca and that's currently already registered.… The identity of the owner is obscured through private registration," Logan said.

Offer to provinces

In the meantime Logan has set all the provincial lookalikes to link to a CBC story about a previous Nova Scotia IT problem.

He's also changed the doppelganger website settings to make it impossible to use them to send emails.

Logan says he wants all the jurisdictions to take the websites off his hands.

He says he's reached out by email..

"I requested that they acknowledge they received the email, and that they were ready to initiate a domain transfer. I would like for the respective provinces to own these domains," he said.

So far, he's received no response.

Logan insists his motivations are "pure," and he will give the sites away, even though registration cost him $20 each.

"Free … I wouldn't turn down having my costs covered, but by no means am I asking for them to be," he said.

MORE TOP STORIES

BANG Showbiz
Megan Thee Stallion being sued for ‘forcing cameraman watch her having lesbian sex!’
In a suit being brought by her ex-cameraman, Megan Thee Stallion is being sued for allegedly creating a hostile work environment and forcing her former videographer to watch her having lesbian sex.
a day ago
Yahoo Canada Style
Sophie Grégoire Trudeau is leaning into the unknown for her next chapter: 'I'm OK with the uncertainty'
No question was off limits in Yahoo Canada's candid and emotional conversation with the "Closer Together" author.
2 days ago
Sacramento Bee
Ex-teacher had sex with her student on his 8th-grade graduation, California prosecutors say
The former Butte County teacher pleaded no contest Monday to the charges.
8 hours ago
HuffPost
How Toxic Is Trump? Republican Group's Hidden Camera Reveals Uncomfortable Truth.
The former president's behavior just doesn't fly out in the real world.
2 days ago
ABC News
'So appalled': What witnesses told special counsel about Trump's handling of classified info while still president
In the summer of 2019, only hours after an Iranian rocket accidentally exploded at one of Iran's own launch sites, senior U.S. officials met with then-president Donald Trump and shared a sharply detailed, highly classified image of the blast's catastrophic aftermath. Worried that the image becoming public could hurt national security efforts, intelligence officials urged Trump to hold off until more knowledgeable experts were able to weigh in, the sources said.
3 hours ago
People
Ex-Aide Says Melania Trump Will Be Watching 'Every Ounce' of Hush Money Trial — and Looking for 1 Thing
Stephanie Grisham, who served as chief of staff and press secretary to Melania, offered a window into her former boss's thinking as Donald's alleged affairs take center stage in the Manhattan trial
a day ago
HuffPost
Donald Trump Will Hate What Mitt Romney Just Said About The Hush Money Trial
"So far as I know, you don't pay someone $130,000 not to have sex with you," the Utah senator remarked about the ex-president's payments to Stormy Daniels.
a day ago
The Daily Beast
Trump Picks Another Fight With Judge as He Waits for Contempt Ruling
PoolDonald Trump just can’t help himself.Moments after a contentious hearing about whether Trump should be held in contempt for violating his narrowly worded gag order, the former president took to his favorite social media platform to trash the judge who holds his fate. “HIGHLY CONFLICTED, TO PUT IT MILDLY, JUDGE JUAN MERCHAN, HAS TAKEN AWAY MY CONSTITUTIONAL RIGHT TO FREE SPEECH. EVERYBODY IS ALLOWED TO TALK AND LIE ABOUT ME, BUT I AM NOT ALLOWED TO DEFEND MYSELF,” Trump wrote on Truth Social
a day ago
INSIDER
Where Reena Virk's killers are now almost 30 years on from her murder that inspired 'Under the Bridge'
Hulu's "Under the Bridge" tells the story of the 1997 murder of Canadian teen Reena Virk. Here's where her killers, Warren Glowatski and Kelly Ellard, are now.
14 hours ago
People
'My Drink Tasted Funny': Pregnant Woman's Last Words Revealed After Alleged Fatal Poisoning by Boyfriend
Jade Benning died on her 25th birthday on March 6 after she was rushed to the hospital the week before
a day ago
People
Kourtney Kardashian's Sexy Bikini Photo from Her 45th Birthday Leaves Husband Travis Barker Melting
Kardashian enjoyed a vacation in paradise with her husband and four kids in honor of "45 trips around the sun"
a day ago
The Daily Beast
How Putin’s Whirlwind Bromance Could End in a Kremlin Tragedy
Sputnik/Alexei Nikolsky/Kremlin via ReutersThe Kremlin is reportedly scrambling to find a successor to Ramzan Kadyrov following reports that the Chechen leader has been diagnosed with necrotizing pancreatitis, a terminal illness, according to Russian media reports.Kadyrov, also known as “Putin's attack dog” or “Putin’s soldier” for his loyalty to Russian President Vladimir Putin, has visited Moscow Central Clinical Hospital regularly through the years to undergo procedures. He was allegedly diag
a day ago
Hello!
Prince Louis' birthday photos all have this in common – did you notice?
Prince William and Princess Kate's son, Louis, celebrated his sixth birthday with a new photo - and Kate Middleton has a habit of including the same detail in the annual portrait
15 hours ago
People
Kim Kardashian Reveals the Viral SKIMS Nipple Bra Was Modeled After Her Own Breasts
The bra was first released in October 2023
a day ago
The Daily Beast
‘Big Scandal’ Behind Russian Deputy Defense Minister’s Arrest
Moscow City Court Press Office/Handout via Reuters Russia’s deputy defense minister was arrested Wednesday just hours after attending a meeting of top military brass, according to federal investigators. Timur Ivanov is officially charged with accepting a massive bribe—but some sources say that’s just for show.“The bribe–that’s for the public. So far they don’t want to talk publicly about treason, it’s a big scandal. After all, it’s the deputy minister of defense,” one unnamed source close to the
14 hours ago
People
Florida Man Runs Over 11-Foot Alligator with Truck to Save Neighbor from Attack
"We pulled over and I got out of the car and saw that an alligator had him by the leg," Walter Rudder recalled to a local news outlet about the scary incident
19 hours ago
Cosmo
Anitta coordinates her teeny bikini with her… fridge?
Anitta shared a series of pics on IG posing in a teeny tiny green string bikini with yellow trim perfectly coordinated to her Smeg fridge and orange juice.
15 hours ago
HuffPost
Jesse Watters Self-Owns With Stunningly Clueless Take On Trump Foes
"The level of self-awareness here is in the deep negatives," one commenter wrote.
14 hours ago
People
Okla. Man May Face 12-Year Sentence in Turks and Caicos for Traveling with Ammunition: 'Bonehead Mistake'
Tourists Ryan and Valerie Watson were both detained on the island earlier this month after ammunition was found in their carry-on bag at the airport
10 hours ago
Hello!
Royal fans left disappointed as Prince William and Princess Kate break with tradition on eve of Prince Louis' birthday
Here's how Prince William and Princess Kate strayed from established tradition on the eve of Prince Louis' 6th birthday
2 days ago

Latest Stories