As political events go, the Conservative Party’s summer leadership contest was a largely restrained one, with relatively little mudslinging. But despite this outward appearance, there were domain squatting tactics at play behind the scenes that could have come straight from an influence operations handbook.
Domain squatting (also known as cybersquatting) is the pre-emptive purchase of website domains, conducted to prevent another interested party from controlling a domain name that is likely to be important to them. It can also be conducted as part of a wider effort to influence third-party searchers by intercepting their attempts to reach a website and redirecting them towards an alternative domain. Instances of domain squatting are recorded by the World Intellectual Property Organization (WIPO), whose statistics show a steady increase in the number of reported cases almost every year since the early 2000s.
Domain squatting techniques and objectives
Although domain squatting can take a multitude of forms, three primary techniques prevail, each with a slightly different intended target and objective.
First (and most effective) is the act of pre-emptively purchasing top-level domains such as example.com or example.org before the target organisation has managed to secure them. These domain registrations are often followed by attempts to extort the organisation with an interest in the domain to pay for the rights to it.
The second method is substitution-squatting, where a domain is registered with characters that substitute a known company domain’s letters with something visually similar, for example tw1tter.com spelled with a “1” instead of an “i”. This technique is often used to trick users into accepting the site as the legitimate website of a known organisation, and is often employed as part of an effort to harvest user credentials.
Finally, there is typo-squatting, which attempts to intercept users who have misspelled the domain of the website they are trying to visit, for example twqitter.com or faceboook.com. This method is often used by hackers in an attempt to install malware onto users’ devices.
How domain squatting featured in the Conservative leadership contest
So what activity did we see in the 2022 Conservative leadership contest? Penny Mordaunt, Nadhim Zahawi, Rishi Sunak, and Liz Truss’s campaigns all featured some form of domain squatting, although there has been no acceptance of responsibility for this from any of the candidates’ camps.
According to viewdns.info, Rishi Sunak’s formal leadership campaign website domain ready4rishi.com was registered via GoDaddy on 6 July 2022, two days after he resigned as Chancellor. However, speculation has arisen as to how long Sunak’s camp was preparing for a leadership bid, after it was discovered that a similar website, readyforrishi.com, was registered on 23 December 2021 – at the height of Boris Johnson’s partygate scandal and more than six months before he announced his resignation as Prime Minister.
When analysing complex financial situations for evidence of disinformation operations, Digitalis searches for ‘ghost architecture’, the sites and domains registered ahead of contentious situations that lie dormant, ready to be engaged to influence stakeholders when the time comes. Speculation regarding Liz Truss’s leadership ambitions was reported on in January this year, after journalists identified two websites of interest. Both inlizwetruss.com and inlizwetruss.co.uk were registered on 29 December 2021, again during former Prime Minister Boris Johnson’s tumultuous period. While Liz Truss’s formal campaign website was registered as lizforleader.co.uk on 8 June 2022, the activity follows the pattern of a classic domain squatting attempt to pre-emptively control potentially useful domains.
A far more brazen domain squatting activity occurred in relation to Nadhim Zahawi and Penny Mordaunt’s campaigns. Early on in Zahawi’s leadership bid, before he had created an official domain, he had tweeted using the hashtag #NZ4PM (Nadhim Zahawi for Prime Minister). Incredibly, when entering the URL NZ4PM.com, users were shown a holding page endorsing Penny Mordaunt for leader before being automatically redirected to her official website. A note on the page (see below) stated that the domain redirection was set up by “an anonymous Penny Mordaunt supporter”.
Digitalis continues to track the spread of state-sponsored influence operation techniques, and it is likely that examples of soft-influence methodologies will remain a feature of future leadership campaigns and elections. For those outside of politics, developing an understanding of the domain landscape well ahead of planned transactions is of paramount importance. Securing domains before malicious actors can use them to conduct influence operations is vital, and understanding the techniques employed by domain squatters will enable you to take steps to protect your business against such activity.
Privacy Policy.
Revoke consent.
© Digitalis Media Ltd. Privacy Policy.
Digitalis
We firmly believe that the internet should be available and accessible to anyone, and are committed to providing a website that is accessible to the widest possible audience, regardless of circumstance and ability.
To fulfill this, we aim to adhere as strictly as possible to the World Wide Web Consortium’s (W3C) Web Content Accessibility Guidelines 2.1 (WCAG 2.1) at the AA level. These guidelines explain how to make web content accessible to people with a wide array of disabilities. Complying with those guidelines helps us ensure that the website is accessible to all people: blind people, people with motor impairments, visual impairment, cognitive disabilities, and more.
This website utilizes various technologies that are meant to make it as accessible as possible at all times. We utilize an accessibility interface that allows persons with specific disabilities to adjust the website’s UI (user interface) and design it to their personal needs.
Additionally, the website utilizes an AI-based application that runs in the background and optimizes its accessibility level constantly. This application remediates the website’s HTML, adapts Its functionality and behavior for screen-readers used by the blind users, and for keyboard functions used by individuals with motor impairments.
If you’ve found a malfunction or have ideas for improvement, we’ll be happy to hear from you. You can reach out to the website’s operators by using the following email webrequests@digitalis.com
Our website implements the ARIA attributes (Accessible Rich Internet Applications) technique, alongside various different behavioral changes, to ensure blind users visiting with screen-readers are able to read, comprehend, and enjoy the website’s functions. As soon as a user with a screen-reader enters your site, they immediately receive a prompt to enter the Screen-Reader Profile so they can browse and operate your site effectively. Here’s how our website covers some of the most important screen-reader requirements, alongside console screenshots of code examples:
Screen-reader optimization: we run a background process that learns the website’s components from top to bottom, to ensure ongoing compliance even when updating the website. In this process, we provide screen-readers with meaningful data using the ARIA set of attributes. For example, we provide accurate form labels; descriptions for actionable icons (social media icons, search icons, cart icons, etc.); validation guidance for form inputs; element roles such as buttons, menus, modal dialogues (popups), and others. Additionally, the background process scans all of the website’s images and provides an accurate and meaningful image-object-recognition-based description as an ALT (alternate text) tag for images that are not described. It will also extract texts that are embedded within the image, using an OCR (optical character recognition) technology. To turn on screen-reader adjustments at any time, users need only to press the Alt+1 keyboard combination. Screen-reader users also get automatic announcements to turn the Screen-reader mode on as soon as they enter the website.
These adjustments are compatible with all popular screen readers, including JAWS and NVDA.
Keyboard navigation optimization: The background process also adjusts the website’s HTML, and adds various behaviors using JavaScript code to make the website operable by the keyboard. This includes the ability to navigate the website using the Tab and Shift+Tab keys, operate dropdowns with the arrow keys, close them with Esc, trigger buttons and links using the Enter key, navigate between radio and checkbox elements using the arrow keys, and fill them in with the Spacebar or Enter key.Additionally, keyboard users will find quick-navigation and content-skip menus, available at any time by clicking Alt+1, or as the first elements of the site while navigating with the keyboard. The background process also handles triggered popups by moving the keyboard focus towards them as soon as they appear, and not allow the focus drift outside of it.
Users can also use shortcuts such as “M” (menus), “H” (headings), “F” (forms), “B” (buttons), and “G” (graphics) to jump to specific elements.
We aim to support the widest array of browsers and assistive technologies as possible, so our users can choose the best fitting tools for them, with as few limitations as possible. Therefore, we have worked very hard to be able to support all major systems that comprise over 95% of the user market share including Google Chrome, Mozilla Firefox, Apple Safari, Opera and Microsoft Edge, JAWS and NVDA (screen readers), both for Windows and for MAC users.
Despite our very best efforts to allow anybody to adjust the website to their needs, there may still be pages or sections that are not fully accessible, are in the process of becoming accessible, or are lacking an adequate technological solution to make them accessible. Still, we are continually improving our accessibility, adding, updating and improving its options and features, and developing and adopting new technologies. All this is meant to reach the optimal level of accessibility, following technological advancements. For any assistance, please reach out to webrequests@digitalis.com