What is Typosquatting?

By on

Typosquatting, also known as URL hijacking, is a form of cybersquatting (sitting on sites under someone else’s brand or copyright) that targets Internet users who incorrectly type a website address into their web browser (e.g., “Gooogle.com” instead of “Google.com”). When users make such a typographical error, they may be led to an alternative website owned by a hacker that is usually designed for malicious purposes.

Hackers often create fake websites that imitate the look and feel of your intended destination so you may not realize you’re at a different site. Sometimes these sites exist to sell products and services that are in direct competition with those sold at the website you had intended to visit, but most often they are intended to steal your personal identifiable information, including credit cards or passwords.

These sites are also dangerous because they could download malicious software to your device simply by visiting the site. So you don’t even need to click on a link or accept a download for dangerous code to install on your computer, smartphone or tablet. This is called a drive-by download and many typosquatters employ this as a way to spread malicious software whose purpose is to steal your personal information.

In some cases, typosquatters employ phishing in order to get you to visit their fake websites. For example, when AnnualCreditReport.com was launched, dozens of similar domain names with intentional typos were purchased, which soon played host to fake websites designed to trick visitors. In cases like this, phishing emails sent by scammers spoofing a legitimate website with a typosquatted domain name make for tasty bait.

In order to protect yourself against typosquatters, I recommend you:

  • Pay close attention to the spelling of web addresses or websites that look trustworthy but may actually be close imitations of the online retailer you are looking for.
  • Instead of typing the web address into your computer, make sure you have a safe search tool, like McAfee® SiteAdvisor® which comes with McAfee® LiveSafe™ that provides warning of malicious sites in your browser search results.
  • Don’t click on links in emails, texts, chat messages or social networking sites.
  • Invest in a comprehensive security solution like McAfee LiveSafe™ service that protects all your devices, your identity and data.

 

There are more ways to scam people online than ever before. Your security intelligence is constantly being challenged, and your hardware and software are constant targets so make sure you stay educated and use common sense!


 

One comment on “What is Typosquatting?

Leave a Comment

Similar articles

The topics parents need to discuss with kids today can be tough compared to even a few years ago. The digital scams are getting more sophisticated and the social culture poses new, more inherent risks. Weekly, we have to breach very adult conversations with our kids. Significant conversations about sexting, bullying, online scams, identity fraud, ...
Read Blog
There's something ironic about cybercriminals getting "hacked back." BriansClub, one of the largest underground stores for buying stolen credit card data, has itself been hacked. According to researcher Brian Krebs, the data stolen from BriansClub encompasses more than 26 million credit and debit card records taken from hacked online and brick-and-mortar retailers over the past ...
Read Blog