Scams

How Misspelling a Website Name Can Be Dangerous

We all mistype a website address now and then. Usually, you get an error message or you end up on a website with a URL similar to the one you intended to enter. No harm, no foul. Sometimes, though, your innocent mistake can lead to a not-so-innocent website.

According to McAfee.com, typosquatting deliberately targets Internet users who incorrectly type a website address into their web browser (e.g., “Gooogle.com” instead of “Google.com” or “Netflix.om” instead of “Netflix.com”). The effects of typosquatting can be relatively harmless, such as the user being redirected to objectionable material. However, the results can be much worse: users may land on a phishing site designed to collect login credentials, or the site may distribute malware or install ransomware. McAfee points out that when AnnualCreditReport.com, a legitimate site authorized by federal law, was launched, dozens of similar domain names with intentional typos were purchased and used in phishing scams.

As more top-level domains (TLDs) become available, the opportunities for typosquatters have multiplied. For example, the TLDs for the countries of Colombia, Cameroon and Oman are .co, .cm and .om, respectively. You can see how someone could accidentally type Google.co or Googlec.om, for example, when trying to reach Google.com. That is the kind of error typosquatters count on. A domain name that users are likely to enter by accident brings traffic to the typosquatting site, and its operators can convert that traffic into advertising dollars or use it to spread malware.

NakedSecurity surveyed the possible one-character mistakes in six popular domains: Facebook, Google, Twitter, Microsoft, Apple and their own domain, Sophos.com. They generated 2249 possible site names that were just one character off from the correct URLs, such as facemook.com. Of the 2249 domain names, 1502 resolved to actual websites. Some of those were legitimate sites that happen to have URLs similar to the sites included in the survey. Surprisingly, only one of the URLs they reviewed contained malware. However, many of the domains were attempting to sell domains, software or other products and services using sites that look like the real site they mimic.

We all make typos from time to time, so how can you protect yourself from typosquatters? McAfee points out that many typosquatters use email phishing to get consumers to visit their sites. They recommend that you pay close attention to the spelling of websites you visit and don’t click on links in emails, texts, chat messages or social networking sites. Additionally, Scambusters.org suggests:

  • Use bookmarks for sites you visit regularly so you can avoid keying in the URL each time you go to the site.
  • When you do enter a web address, type carefully.
  • If you are not sure of the correct address of a website, do a search and do not try to guess the URL.
  • If something on a site doesn’t look right, do not click on links or download anything.
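
The one-character and wrong-TLD mistakes described above can also be caught mechanically before a page loads. The following is an added example, not code from McAfee, NakedSecurity or Scambusters.org: it compares a typed address with a short list of trusted domains and flags any name that is exactly one typing error away. The `TRUSTED` list and the function names are assumptions made for the illustration.

```python
from urllib.parse import urlsplit

# Constructed allowlist: the sites you would otherwise bookmark.
TRUSTED = {"google.com", "netflix.com", "facebook.com", "annualcreditreport.com"}

def hostname_of(url_or_host):
    """Lower-cased hostname without a leading 'www.' or trailing dot."""
    s = url_or_host.strip()
    parts = urlsplit(s)
    if not parts.netloc:           # bare hostname: retry with a netloc marker
        parts = urlsplit("//" + s)
    host = (parts.hostname or "").rstrip(".")
    return host[4:] if host.startswith("www.") else host

def within_one_edit(a, b):
    """True if a and b differ by exactly one substitution, insertion,
    deletion, or swap of two adjacent characters."""
    if a == b or abs(len(a) - len(b)) > 1:
        return False
    if len(a) == len(b):
        d = [i for i in range(len(a)) if a[i] != b[i]]
        if len(d) == 1:
            return True
        return (len(d) == 2 and d[1] == d[0] + 1
                and a[d[0]] == b[d[1]] and a[d[1]] == b[d[0]])
    if len(a) > len(b):
        a, b = b, a                # make a the shorter string
    i = 0
    while i < len(a) and a[i] == b[i]:
        i += 1
    return a[i:] == b[i + 1:]      # skipping one char of b must realign

def classify(url_or_host, trusted=TRUSTED):
    """Return ('trusted' | 'lookalike' | 'unknown', matched domain or None)."""
    host = hostname_of(url_or_host)
    for good in sorted(trusted):
        if host == good or host.endswith("." + good):
            return ("trusted", good)
    for good in sorted(trusted):
        if within_one_edit(host, good):
            return ("lookalike", good)
    return ("unknown", None)

if __name__ == "__main__":
    # Constructed inputs that follow the typo patterns named in the article.
    for typed in ["Gooogle.com", "https://netflix.om/login", "googlec.om",
                  "google.co", "facemook.com", "https://www.google.com/"]:
        print(typed, "->", classify(typed))
```

Because the comparison runs over the whole hostname, a dropped or misplaced letter in the TLD (.co, .cm, .om) is caught by the same rule as a typo in the name itself.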