Twitter Squatting – The New Domain Jacking?

Use Netsparker


It seems the latest target for spammers, opportunists and those into Domain Squatting is the registration of interesting or possibly valuable Twitter usernames.

Twitter has exploded recently as a new ‘micro-blogging’ platform and it works really well, especially when combined with more traditional blogging and the host of tools that have been build around Twitter to enable you to find tweets about specific topics or events easily.

Now Twitter has created a new supply of valuable “names”: Twitter IDs. They take the form of twitter.com/stiennon for instance. Have you signed up for your free Twitter ID? Do you own your surname? Company name? Brand identity?

Is there evidence of Twitter squatting (squitting?) Let’s check. Yup, every single-letter TwitID is taken. Some are legitimate (Check out “S” for instance, that is a cool personal email assistant service) but X, Y, and Z are place holders. How about common words? Garage, wow, war, warcraft, Crisco, Coke, Pepsi, Nike, and Chevrolet are all taken. My guess is that Twitter squatters have grabbed all of these in the hopes that they will be worth selling in the not too distant future. Of course the legitimate holders of brands can sue for them and Twitter can just turn them over if asked. But, because the investment and risk for the squatter is zero, you are going to see the rapid evaporation of available Twitter IDs.

I wonder if this will be the next lucrative business, people registered thousands of Twitter usernames and speculating with them.

Imagine if your name or company name is taken, it’s gonna be cheaper than litigation to get it back to just pay the guy a few hundred or a few thousand dollars. If you haven’t gotten a Twitter ID yet I suggest you bag your name now before someone else does.

How to protect your own brand? Immediately go to Twitter.com and determine if your name is available. Get it while you can. While you are at it, reserve all of the names associated with your brand. You may decide that any domain you have invested in should have its Twitter ID. It is the domain name squatters who will jump on this new land grab first after all. Reserving multiple Twitter IDs is easy. Twitter attempts to limit reservations by requiring a unique email address for each sign-up. That is circumvented by using the Google “plus sign” email trick. Simply append something (your new Twitter ID for instance) to your Google email address like stiennon+itharvest@gmail.com. Gmail treats that as stiennon@gmail.com but Twitter thinks it is unique. I expect Twitter to fix this flaw shortly. They may even require email confirmation.

So go and get registering, especially if you have anything to do with the online presence of a real business – go and register the business name and derivatives now. You could save yourself some money when later the CTO or CEO thinks blogging and Twittering may really boost your brand equity.

Who knows? Better safe than sorry right.

Source: Network World

Posted in: Phishing, Spammers & Scammers

, , ,


Latest Posts:


BDFProxy - Patch Binaries via MITM - BackdoorFactory + mitmProxy BDFProxy – Patch Binaries via MiTM – BackdoorFactory + mitmproxy
BDFProxy allows you to patch binaries via MiTM with The Backdoor Factory combined with mitmproxy enabling on the fly patching of binary downloads
Domained - Multi Tool Subdomain Enumeration Domained – Multi Tool Subdomain Enumeration
Domained is a multi tool subdomain enumeration tool that uses several subdomain enumeration tools and wordlists to create a unique list of subdomains.
Acunetix Vulnerability Scanner For Linux Now Available Acunetix Vulnerability Scanner For Linux Now Available
Acunetix Vulnerability Scanner For Linux is now available, now you get all of the functionality of Acunetix, with all of the dependability of Linux.
Gerix WiFi Cracker - Wireless 802.11 Hacking Tool With GUI Gerix WiFi Cracker – Wireless 802.11 Hacking Tool With GUI
Gerix WiFi cracker is an easy to use Wireless 802.11 Hacking Tool with a GUI, it was originally made to run on BackTrack and this version has been updated for Kali (2018.1).
Malcom - Malware Communication Analyzer Malcom – Malware Communication Analyzer
Malcom is a Malware Communication Analyzer designed to analyze a system's network communication using graphical representations of network traffic.
WepAttack - WLAN 802.11 WEP Key Hacking Tool WepAttack – WLAN 802.11 WEP Key Hacking Tool
WepAttack is a WLAN open source Linux WEP key hacking tool for breaking 802.11 WEP keys using a wordlist based dictionary attack.


3 Responses to Twitter Squatting – The New Domain Jacking?

  1. Pantagruel November 5, 2008 at 11:25 am #

    Squatting in general is lame, be it domainname or blogID squatting.
    Instead of getting a real job they just want to get some fast money by extorting a big company.

  2. navin November 5, 2008 at 12:58 pm #

    but it works…tht’s the point!!

    just think how much a domain name like linux.com or microsoft.com would be worth at the time of the company start

    and what they’re worth now!! :)

  3. Armen Shirvanian November 20, 2008 at 6:15 pm #

    The good names on up-and-coming services do tend to become unavailable quite quickly. One that has been successful in acquiring names that became in-demand would be motivated to look to the next new service they could build up a set of names in as well. A person can build up a reasonably-sized collection of names, and then wait for people to show interest before capitalizing on them.