Typosquatting

What is Typosquatting?

 

Typosquatting is a type of social engineering attack which targets internet users who incorrectly type a URL into their web browser. Typically, this means tricking users into visiting malicious websites with URLs that are common misspellings of legitimate websites. Users may be tricked into entering sensitive details into these fake sites.

The ‘typo’ in typosquatting refers to the small mistakes people can make when typing on a keyboard.

Typosquatting takes advantage of these common phenomena:

1. Typos: Typically, people who make common typos are going too quickly-- and are therefore susceptible to being fooled by a typosquat attack
2. Spelling Errors: Sometimes, a user has not made a typo per se, but simply doesn't know the correct spelling for a brand or product name. Malicious actors take advantage of these likely misspellings to direct users to scam sites.
3. Wrong Domain Endings: The range of domain endings for different countries, such as .com,.co.uk, .cn, etc, and also for different types of organizations (.com, .org, .edu, etc) makes it easy for typosquatters to trick you into thinking you're visiting the correct site.
   Note: Typosquatters are especially fond of the Columbian top-level domain, .co, due to its similarity the .com domain.
4. Hyphenating: Sometimes, typosquatters will add an extra hyphen or remove a required hyphen in a URL in order to trick the user into thinking they are on the correct site.