Typosquatting Attacks Alive and Well–Unfortunately

By on

Typosquatting doesn’t get the attention that it used to, but it remains an effective means for attackers to capitalize on unsuspecting users. Of course, the most effective instances are those that target high-traffic sites. I stumbled upon criagslist.com, a transposition of craigslist.com (aka craigslist.org), only to be redirected to a host of sites pushing various things. The primary server also hosted other domains, including youutbe.com and youtupe.com, knock-offs of YouTube.com.

Miskeying one of these popular sites results in a cascade of redirects through various advertising channels and affiliates. At present, these primarily land the user on different survey pages, promising “exclusive rewards” of $50 or more, or a chance to win a $100 gift card. Previous campaigns were more blatant in deception, delivering fake malware detections, media player upgrades, security vulnerability warnings, and “Blue Screen” errors. One page even delivered an audio warning courtesy of an embedded MP3 file set to autoplay on page load.

 

Fake alerts:

Fake Media Player Upgrade

Fake Malware Detection

Fake "BSOD" Error Message

In general, these attacks frequently use contextual information, with alerts including your location, Internet service provider’s name, browser, OS, etc.

It’s common for less savvy users not to understand that such alerts are nothing more than deceptive web pages. When assisting others, facing such errors, it’s a good practice to have them minimize or close the browser to see if these simply disappear.

Leave a Comment

Similar articles

With winter almost gone, now is the perfect time to start planning your annual spring clean. When we think about our yearly sort out, most of us think about decluttering our chaotic linen cupboards or the wardrobes that we can’t close. But if you want to minimise the opportunities for a hacker to get their ...
Read Blog

Analytics 101

By on
From today’s smart home applications to autonomous vehicles of the future, the efficiency of automated decision-making is becoming widely embraced. Sci-fi concepts such as “machine learning” and “artificial intelligence” have been realized; however, it is important to understand that these terms are not interchangeable but evolve in complexity and knowledge to drive better decisions. Distinguishing ...
Read Blog