Typosquatting, a term which also goes by the name of URL hijacking, targets unsuspecting visitors who mistakenly type an incorrect website address in their web browser bar.
You are ready to visit your preferred online news site. Perhaps you enter “a” in place of “e” while writing the URL of your bank. Your beloved streaming website may have a hyphen in its address, but you forget to type it in your address bar. Seems possible, right? Happens a lot.
You may assume that these spelling errors or missed punctuation signs are not a big deal. But these minor typing mistakes could lead you to a fake site loaded with suspicious programs that might immediately cause some harm to your device. Or you could end up on a website that appears to be the same as the website of your bank. But when they request your username, email, and credit card number to confirm your identity and you enter it, and you are giving these details straight away to some fraudsters. This is because you have accidentally become another target of miscreants called typo squatters. Do you know what typosquatting is? Let us start with a basic typosquatting definition, and then we will investigate its types and methods to prevent typosquatting attempts.
What is Typosquatting?
Typosquatting is when somebody — maybe a cybercriminal, intruder, or just someone wanting to promote a brand or service — files a domain name that is a purposely misspelled copy of other famous websites. The purpose of typosquatting (URL hijacking) is to target the Internet users that make typing mistakes while writing the name of any website in their browser’s URL field.
A typosquatting attack will not become harmful until actual clients begin to visit the site. To make it possible, the attacker launches a phishing scam, usually via email, to persuade users to follow a link and visit the typosquatting site. Usually, these unauthorized websites have straightforward login screens with known logos that tend to replicate the design of the real business.
Suppose the visitors do not notice that they are visiting a fraudulent site and enter confidential data like their login, passwords, or banking details on the website. In that case, the hacker will get complete access to that information. If the targeted individual is using identical passwords throughout different sites, then his/her other accounts can also be misused.
From a business viewpoint, having a typosquatting assault linked to your web address may be a public relations catastrophe, even if you have not played a clear part in it, since it is viewed as reckless management of the internet. As a website owner, you must be vigilant in protecting against typosquatting to reduce the discomfort created by this type of scam.
When the international web address regulations were modified to permit everyone to create a website with an extension formerly linked to particular countries, a whole new wave of typosquatting assaults was generated.
How does Typosquatting work?
URL hijacking is made possible by typing errors, wrong spellings, or misunderstandings of a known website name. If the users commit an error while entering a web address and fail to recognize it, they can unintentionally end up on an alternate site managed by malicious hackers.
The alternate site can be managed by cybercriminals, advertisers, or anyone else with different purposes.
One of the early cases of such a cyber-attack occurred in 2006 when Google became the target of typosquatting by the Goggle.com website – such a site is commonly known as a phishing/scam platform. Typosquatters even had their eyes on URLs such as boogle.com, toogle.com, foogle.com, roogle.com, hoogle.com, and voogle.com due to their close similarity to “g” on the keyboard. This can be a big cybersecurity concern if your company gets a lot of visitors.
Here are the most common forms of typosquatting
- Typos: Making typing mistakes while entering the name of a popular website in the URL. For example, “Twitterr.com” instead of “Twitter.com”. (see the extra “r”)
- Wrong spellings: Many Internet users are not good at spellings, and typosquatters know this fact very well. So, whenever you make a spelling mistake in the address bar, you may end up on a compromised site. An example is “goggle.com” in place of “google.com”.
- Alternate spellings: Numerous websites use the alternate spellings of popular brands to trick the customers to their site.
- Wrong domain extension: Writing the wrong extension of a site, for example, entering “.com” in place of “.org”.
- Acting to be www: wwwgoogle.com vs www.google.com.
- Combosquatting: This includes adding or removing a hyphen in a domain’s name.
- Similar domains: These web addresses are nearly similar to their official versions, but a central dot is absent.
- Including an additional dot: It can go the opposite way, too. Assume that there is a legal website called “foumovies.com”. The squatter could make the platform “fou.movies.com”.
Here is the example of one of the leading payment websites.
Often, these typosquatting events are not particularly dangerous. You will only end up on a website to promote some other firm’s goods or services. But on other unfortunate occasions, you could arrive on a site that could cause significant harm to your device, manipulate you into giving up confidential or financial details, or splash sexual content over your screen.
The objective of Typosquatting
Why would someone devote time to making a fraudulent domain with a URL that is purposely spelled wrong? Typosquatters have a lot of reasons for this, like these:
Sell Their Domain
Some of the typosquatters are searching for a fast payday. If they create a fake website, say, bankofamereca.com, they will expect that the real Bank of America will buy their site. Bank of America will then utilize the wrong spelled website to redirect typists — those who commit the same spelling mistake – to the bank’s original site.
Many typosquatters use misspelled sites to advertise their content, goods, and services. If you enter the wrong domain name in the URL field and land on one of these websites, owners can receive cash from all additional ad impressions. And if you tap on either of those advertisements on that site, the squatter will make even more money.
Earning from Affiliate Links
Few squatters will redirect you straight to the right website after you have arrived on their purposely misspelled site. But they do this via an affiliate link. The manager of the hijacked URL would then receive profits from the affiliate.
Some typosquatters try to steal your confidential and financial details using a tactic known as phishing. These malicious hackers may build a counterfeit site that appears like your bank’s website. If you make a mistake when writing the name of your bank’s website in the address bar, you will be directed to this phony site. You will be asked to give some details to log in to your banking app, like your username, account details, and password. When the fraudsters behind this scam site have your login details, they can exploit it to enter your bank account and do what they have permission to do on that site.
Identity thieves can do the same thing with online credit card websites. Phishers will try to persuade you to insert your credit card details, website password, and username by making a fraudulent website that again, seems like a valid one – operated by your credit card organization. After you have given your sensitive information, typosquatters will be able to make transactions via your credit card.
Install the Malicious Program On Your Device
Several typosquatting websites are purposely built to inject your device with malware. Some could install false virus security software that ends up making your machine almost impossible to operate. Fraudsters who installed the program on your computer could then ask for a hefty amount to uninstall the virus, but without any assurance that they will genuinely remove it.
Other squatter websites can attempt to infect your device with a virus that tracks your keyboard strokes and websites you visit while browsing. Attackers can use this data to log in to password-protected pages, reach your online bank account, or spy via your private email messages.
Some companies purchase sites that are common misspellings of their domains. The reason for this is that they want individuals who are attempting to visit their websites to eventually get to them even though they make a common typing mistake.
How Do You Prevent Typosquatting Scams?
Follow these typosquatting protection techniques to secure yourself and your business from typosquatting frauds:
Information is among the most crucial ways of combating typosquatting sites. Raise the knowledge of the employees against these fraud tactics by recommending that they should not navigate straight to the websites by entering the website URL.
They can utilize the search engine or voice control and bookmark pages rather than entering the website name in the browser at any time.
The best approach to secure yourself from typosquatting is to write correctly when entering the website name in the URL field. It is possible to make spelling errors when you type fast. That is why it is essential to always verify the spellings of a website before tapping on a web page. Double-check on the address bar to ensure you have landed on the right site after you are on the page.
Before logging in to your account or providing any sensitive information online, always confirm that the website you are visiting has a valid SSL certificate. A website with an SSL certificate has a padlock sign on it that ensures its identity to the visitors. Make sure that the site URL begins with HTTPS (Hypertext Transfer Protocol Secure) instead of a non-secure HTTP. This indicates that you are browsing a safe website where your information is encoded and secured. Never enter any sensitive data on a platform that does not have any of these symbols. It is also wise to inspect the SSL certificate to ensure it belongs to the site you intended to land on.
Register Your Website and Trademark
To make things complicated for typosquatters, you should register your website and trademark. With a registered trademark, you can file a Uniform Rapid Suspension (URS) lawsuit with the World Intellectual Property Organization and turn down the website that you believe has the purpose of tricking consumers away from your page into a typosquatting site.
You can also register several spellings of your site, such as singular, plural, and hyphenated variants, together with various extensions such as .org, .com, and .net.
Avoid Clicking Links on Emails.
You could get an email pretending to be coming from your bank urging you to tap on a link to confirm your account details. Don’t press here! Your bank would never write you emails like that. When you tap, you will be brought to a phony site that looks like the original website of your bank. This site will then request you to submit your confidential and financial details to validate your identity. No doubt, it is a trap set by cybercriminals. When you give this data, it can be used by criminals to access your bank account and for many other malicious purposes. Instantly remove these types of emails from your device. If you are concerned that your bank needs your records, call your client service representative, and inquire about it.
People are likely to make errors. When you have hundreds of thousands of individuals across the globe typing in a famous website address, it is no wonder that a small proportion inserts a typo in the address bar. Malicious hackers are attempting to leverage this pattern by typosquatting.
It is tough to prevent fraudsters from creating websites with any available URL, and you cannot buy all the ones to cover such scenarios, so the only possible way we can decrease the typosquatting attempts by concentrating on how they spread. The best defense is to develop trust with your customers by using appropriate SSL certificates and be vigilant in detecting typosquatting assaults. The detailed guidelines about typosquatting and its prevention techniques, as explained above, will help you to make typosquatting attempts unsuccessful.