Typosquatting, also known as URL hijacking, is a form of cybersquatting (sitting on sites under someone else’s brand or copyright) that targets Internet users who incorrectly type a website address into their web browser (e.g., “Gooogle.com” instead of “Google.com”). When users make such a typographical error, they may be led to an alternative website owned by a hacker that is usually designed for malicious purposes.
Hackers often create fake websites that imitate the look and feel of your intended destination so you may not realize you’re at a different site. Sometimes these sites exist to sell products and services that are in direct competition with those sold at the website you had intended to visit, but most often they are intended to steal your personal identifiable information, including credit cards or passwords.
These sites are also dangerous because they could download malicious software to your device simply by visiting the site. So you don’t even need to click on a link or accept a download for dangerous code to install on your computer, smartphone or tablet. This is called a drive-by download and many typosquatters employ this as a way to spread malicious software whose purpose is to steal your personal information.
In some cases, typosquatters employ phishing in order to get you to visit their fake websites. For example, when AnnualCreditReport.com was launched, dozens of similar domain names with intentional typos were purchased, which soon played host to fake websites designed to trick visitors. In cases like this, phishing emails sent by scammers spoofing a legitimate website with a typosquatted domain name make for tasty bait.
In order to protect yourself against typosquatters, I recommend you:
Pay close attention to the spelling of web addresses or websites that look trustworthy but may actually be close imitations of the online retailer you are looking for.
Instead of typing the web address into your computer, make sure you have a safe search tool, like McAfee® SiteAdvisor® which comes with McAfee® LiveSafe™ that provides warning of malicious sites in your browser search results.
Don’t click on links in emails, texts, chat messages or social networking sites.
Invest in a comprehensive security solution like McAfee LiveSafe™ service that protects all your devices, your identity and data.
There are more ways to scam people online than ever before. Your security intelligence is constantly being challenged, and your hardware and software are constant targets so make sure you stay educated and use common sense!
Robert Siciliano is an Online Security Expert to McAfee. He is the author of 99 Things You Wish You Knew Before Your Mobile was Hacked! (Disclosures)
ROBERT SICILIANO, CEO of IDTheftSecurity.com is fiercely committed to informing, educating, and empowering Americans so they can be protected from violence and crime in the physical and virtual worlds. His "tell it like it is" style is sought after by major media outlets, executives in the C-Suite of leading corporations, meeting planners, and community leaders to get the straight talk they need to stay safe in a world in which physical and virtual crime is commonplace. Siciliano is accessible, real, professional, and ready to weigh in and comment at a moment's notice on breaking news.
- Typosquatting for Fun and Profit
Typosquatting, which is also known as URL hijacking, is a form of cybersquatting that targets Internet users who accidentally type a website address into their web browser incorrectly. When users make a typographical error while entering the website address, they may be led to an alternative website owned by a cybersquatter or criminal hacker. Typosquatters often create
- What is a “Drive-By” Download?
Gone are the days when you had to click to “accept” a download or install a software update in order to become infected. Now, just opening a compromised web page could allow dangerous code to install on your device. You just need to visit or “drive by” a web page, without stopping to click or accept
- What is Browser Hijacking?
Imagine it. You sit down at your computer about to do your daily perusal of Buzzfeed or check out The Financial Times but your homepage is now some weird search engine you’ve never seen before. Guess what? You’ve been hijacked. Browser hijacking is when your Internet browser (eg. Chrome, FireFox, Internet Explorer) settings are modified. Your
- Social Media is a Criminals Playground
Social media has become a playground for adults, teens, and tweens. And like on any playground, when you hit the jungle gym or horseplay on the seesaw, there is always a chance that you may go home with an egg on your forehead. Or, if you are like me, a broken collarbone. Twitter and Facebook have
- Criminal Hackers Create 3 Million Fraudulent Websites Annually
A recent study shows that organized criminals create approximately 8,000 malicious websites every day, or over 57,000 each week. These malicious websites model legitimate websites that we visit every day, such as bank websites, online shopping sites, and eBay. According to this study, the most frequently impersonated companies include Visa, Amazon.com, PayPal, HSBC, and the United States