Image: Digital Shadows

A study of 225 typosquatted domains registered using election-related terms found that around two-thirds were non-malicious in nature, either hosting politically-themed propaganda or were left in a parked state, without any content.
The report, compiled by threat intelligence firm Digital Shadows, looked at so-called typosquatted domains, which are URLs modeled to mimic legitimate sites.
While the Digital Shadows report found that 67% of domains were “non-malicious,” researchers also found that 21% of the election-related typosquatted domains were either misconfigured or illegitimate sites. This includes websites that were either down, peddled scams, sold products using candidate brands, or falsely claimed to be affiliated with the official campaign.
Per the same report, the rest of the domains (12%) were redirecting users to other sites. Most were official candidate and campaign sites, and the domains were likely registered by the campaigns themselves, as a form of protection. However, the researchers also said that not all redirections were in good nature, and they also found typosquatted domains redirecting to sites attacking the candidate whose name they abused (i.e., trump-is-bad-for-us[.]com and biden[.]exposed).
This week’s report is a follow-up to a similar study researchers carried out in October 2019 when they looked at typosquatted domains for 34 candidate- and election-related terms, finding 550 sites in total.
But as the US presidential election has advanced to its final stage, Digital Shadows re-did its older report, and only looked at terms like Trump, Pence, Biden, Kamala, Kamala Harris, vote, elect, and poll.
But while the new 2020 report found that two-thirds of sites were non-malicious, Digital Shadows says this shouldn’t be taken at face value, as this could change as we near election day.
“Most of the non-malicious sites that we detected were parked domains, which can act as a false sense of safety; sure, it’s not hosting right now, but that can change within an instant and without warning,” the company said.
“Additionally, if a parked domain has an MX (Mail eXchange) record, it could potentially be leveraged in a phishing campaign, which we know is bad news all around.”
Furthermore, even if the sites that were categorized as “non-malicious” (as part of the 67% data set) didn’t host scams or malware, that doesn’t mean they weren’t malicious in the spectrum of election interference, with many of them hosting “negative sentiment” and “brand-damaging” propaganda, for both sides of the election aisles. In fact, this is what the DHS warned about last month in a bulletin sent to state and local officials across the US last month. More

When choosing a VPN, you’ve got a lot of choices. In our best of guide and speed test guide, we’ve narrowed down the list from the 50+ branded commercial options out there to about 10. But once you narrow the list down even more, what do you choose? In this article, we’ve taken two of our top choices — NordVPN and Surfshark — and compared them.

Surfshark wins
VPN providers are always tinkering with their pricing, so these numbers are bound to change. That said, Surfshark is less expensive. Surfshark’s best deal is what they tout as $2.49 a month (you’ll really be paying $59.76 now for two years of service). Nord is asking for $3.71 (or a wallet hit of $89 on signup for two years of service).
Surfshark definitively wins this round by allowing you to run an unlimited number of client devices with its VPN service, while Nord permits a relatively generous six simultaneous connections.
Both offer a 30-day money-back guarantee.
View Now at Surfshark

NordVPN wins
Image: ZDNet/David Gewirtz
In our fastest VPN guide, we took a look at both our own in-house tests and how the Internet overall rated VPNs. We compared VPN rankings in speed tests from 10 sites besides ZDNet. Of potentially more interest, we compared the standard deviation of those rankings, which helps us determine whether a given VPN has a consistent ranking all across the internet, or different reviewers got wildly different numbers.
As the above slide shows, NordVPN not only had a better aggregate average ranking but a considerably lower standard deviation. This means that pretty much wherever you are, your NordVPN performance should be pretty good. By contrast, how Surfshark will perform is likely to be considerably less predictable.
View Now at NordVPN

Tie between NordVPN and Surfshark
Both NordVPN and Surfshark support the big four: iOS, Android, Mac, and Windows. Surfshark also supports Linux, FireTV, Apple TV, and what it calls “other TVs.” It supports Xbox and Playstation as well as browsers Chrome and Firefox.
NordVPN lists Android TV, Linux, and Chrome and Firefox extensions on its download page, but has a support page for installing NordVPN on other platforms, including routers, Raspberry Pi, and NAS boxes including Synology, Western Digital My Cloud, and QNAP.
The fact is, both products support a reasonably wide range of devices. If you’re a NAS user, you probably want NordVPN. If you’re a console gamer, you probably want Surfshark. As we always recommend, do your research before buying.
View Now at NordVPN VIEW NOW AT SURFSHARK

Tie between NordVPN and Surfshark
Let’s get this out of the way upfront: If you’re counting on a VPN for your physical freedom or to protect your life, you must do a lot more research than just reading an article like this. With that said, let’s look at the overall profile for these two vendors.
NordVPN has gotten a lot of mileage out of its Panamanian corporate registration, claiming that Panama puts its records out of the legal reach of governments and lawyers.  s I discussed in great depth in my analysis of NordSec, it’s possible that countries with Mutual Legal Assistance Treaties (MLAT) may well be able to pierce the corporate veil.
Although I didn’t do as deep an in-depth analysis of Surfshark, the company has the same claims and limits as Nord. Surfshark lists its registry in the British Virgin Islands but is a company with developers based in many MLAT countries as well.
Both vendors tout a no-logs policy. Both vendors say they don’t capture connection time stamps, used bandwidth, traffic logs, IP addresses, or browsing data. Both offer warrant canaries. Both capture email addresses and billing information. NordVPN does capture your billing address and country. Both NordVPN and Surfshark accept cryptocurrencies.
View Now at NordVPN VIEW NOW AT SURFSHARK

Tie between NordVPN and Surfshark
Both vendors offer a kill switch, which we consider table stakes in terms of VPN special features. Surfshark offers a multi-hop connection, which is similar to NordVPN’s feature causing your IP address to change twice before reaching the destination server. Both support P2P, allowing you to torrent your favorite Linux distros (and possibly other digital sharing activities of dubious legality, which we categorically do not recommend).
NordVPN has a few interesting features not provided by Surfshark. NordVPN also provides Onion Over VPN, which allows you to use both the Onion anonymizer and Nord’s VPN together. NordVPN also allows you to buy a dedicated IP address, which can help if you’re dealing with anonymous servers or gaming connections. NordVPN also offers business plans.
Both providers offer malware and adware filtering, although Surfshark’s AdBlock VPN feature appears to be somewhat more comprehensive. Surfshark also offers what it calls Camouflage Mode, which the company says can prevent your local ISP from knowing you’re surfing using a VPN. While NordVPN has a blog post on whitelisting, they don’t appear to have whitelisting as an actual client feature. By contrast, Suftshark uses its split-tunneling feature as a whitelister.
Both vendors come to the game with most of the features you’d expect. Nord has a few more business-focused features while Surfshark has some features that may afford a limited degree of additional personal privacy — but this would need in-depth testing to truly validate. As such, we’re calling a tie for special features.
View Now at NordVPN VIEW NOW AT SURFSHARK
Decision tree
So how do you decide? Here are a few options that may make that decision easier.

If price is your top concern, Surfshark will save you about $30 over two years.
If predictably fast download performance is key, then NordVPN is more consistently fast in overall performance.
If you need a VPN for a NAS appliance, then NordVPN is your choice.
If you want a VPN for your Xbox or Playstation, choose Surfshark.
If you want a dedicated IP address or more business-oriented features, choose NordVPN.
There you go. Surfshark vs. NordVPN. It’s not a super cut-and-dried answer. One isn’t wildly better than the other. But the decision tree above should help you pick the winner given your own needs. How do these choices fit your needs? Have you chosen a VPN provider already? What capabilities and characteristics helped you to make up your mind.
You can follow my day-to-day project updates on social media. Be sure to follow me on Twitter at @DavidGewirtz, on Facebook at Facebook.com/DavidGewirtz, on Instagram at Instagram.com/DavidGewirtz, and on YouTube at YouTube.com/DavidGewirtzTV.

ZDNet Recommends More

Yuichiro Chino / GettyImages While the internet has undoubtedly brought new benefits, it’s also brought new problems as cyber criminals look to exploit our seemingly ever-growing reliance on connectivity. Special Feature Phishing emails, malware and ransomware attacks, or getting your bank details, passwords and other personal information stolen – the internet has provided malicious hackers with […] More

Prime Minister Scott Morrison called a press conference on Friday morning to “raise awareness” of the state-based cyber attacks Australia is currently facing across all levels of government, as well as the private sector. “Based on advice provided to me by our cyber experts, Australian organisations are currently being targeted by a sophisticated state-based cyber […] More

There is increasing interest in national cybersecurity as the line between military, economic, and diplomatic conflict blurs. The role that cloud computing plays as part of every nation’s critical infrastructure is once again under scrutiny. More