Typosquatting: Beware of typos and spelling mistakes in URLs
A typo or spelling mistake when entering a URL can quickly become fatal. Cyber criminals use the most common misspellings in the names of popular websites to lure users to fake sites. This phenomenon is also called typosquatting.
What is typosquatting?
Typosquatting is a specific and particularly deceptive form of cybercrime. Criminals intentionally create fake websites for popular web domains, which only differ from them by frequent typing or spelling errors.
The aim: to lure unsuspecting users to insecure websites, for example in order to steal sensitive data. Spicy: Not only the URL of the fake domains resembles the original counterparts. The appearance of the websites is also based on the real pages.
How does typosquatting work?
Typosquatting starts with buying and reserving a specific domain. This differs only slightly from a popular original website. For example, in 2006, cybercriminals reserved the goggle.com domain to direct users to a phishing site instead of the search engine.
Similar to this case, typosquatters pursue different goals. Either they hope that users will reveal personal information such as bank details or logins. Or they place dubious advertisements on the fake website to generate high income.
Another form of typosquatting is the so-called combosquatting. Cyber criminals reserve web domains that differ from the corresponding original website by additional words or suffixes. An example: “amazon-shopping.com”.
This is how you can protect yourself from fake websites
Typosquatting is not only a problem for affected users, but also for companies whose websites are impersonated. Because every user who ends up on a fake website is also a potentially lost customer. Many companies and organizations are therefore actively looking for imitations of their websites in order to take action against them.
To avoid ending up on a phishing website due to accidental typos or misspellings, it can be helpful to use a search engine to find the desired target website instead of typing the URL directly. Since typosquatting domains are often spread via spam and phishing emails, it is worth taking a closer look at your email inbox.
For example, phishing links can already be identified via a dubious sender address. You should also avoid opening e-mail attachments unless the source is clearly identifiable. In turn, companies and organizations have the opportunity to reserve domains with typos or misspellings themselves before criminals do.
Also interesting:
- Out of Control: This is what you can do when your mouse moves by itself
- Apple Watch: How to use the tip function in the calculator app
- What is HDR actually – on smartphones and on televisions?
- Changing the battery: EU prohibits glued batteries
The article Typosquatting: Beware of typos and spelling mistakes in URLs by Fabian Peters first appeared on BASIC thinking. Follow us too Facebook, Twitter and Instagram.
