What is Typosquatting? How do you protect yourself from it?

Are you prone to finger obesity when writing? While typing an “e” instead of an “a” or forgetting the “hyphen” when typing the address of your favorite websites seems harmless, it can make you a victim of a sinister practice known as typosquatting.

Typosquatting occurs when a cyber criminal purchases and registers a misspelled domain name for a popular website. The purpose of typos is to target Internet users who make typos when searching for websites.

But how does my typo work and what are its different types? What do criminals get out of plagiarism, and are there ways to protect ourselves from it?

How does Typosquatting work?

When cybercriminals purchase and register “misspelled” domain names as copies of legitimate websites, they may add an extra vowel or substitute a character such as “goggle.com” in place of “google.com”. Once the user mistypes the URL, they are directed towards fraudulent websites instead of real ones.

If users are not aware that they have come to a fake website, they may end up exposing personal information and even start shopping for items without their knowledge.

Types of Tibisquatting

Close-up of an example website URL

Image Credit: Chris Delgoz /flickr

The earliest examples date back to 2006 when Google became the victim of a typo by a phishing site registered as “goggle.com”. Try typing “foogle.com” or “hoogle.com”, and you’ll likely find fake websites trying to lure you into buying their products or giving out personal information. As you can imagine, this can be a major security concern for popular websites that regularly attract a large number of visits.

Here are the different types of plagiarism tactics that cybercriminals can use:

Typos: Wrong addresses of well-known and popular websites such as ‘facebook.com’. Note the additional “A”.

Incorrect spelling: Typosquatters takes advantage of the fact that most Internet users are not spelling bees. Anytime you make a misspelling while typing a URL into the address bar, you may end up on a fake website instead.

Alternative spelling: Innocent users may be misled by alternate spellings of well-known brand names or products. For example, “getphotos.com” versus “getfotos.com”.

Add “www” to the URL: Typing tools may pretend to be “wwwgoogle.com” instead of “www.google.com”.

Wrong field extension: Changing the extension of a site, for example, entering “.com” instead of “.org.”

Compositing: Typosquatters adds or removes a hyphen in a domain name to fraudulently direct traffic to a mistyped domain. For example, “face-book.com” instead of “facebook.com”.

Including an extra point: Adding or removing a dot in the middle of the field is another method of typographical trickery. So, instead of “fandango.com”, it could be “fan.dango.com”.

Similar fields: These web addresses are imitations of their official versions, but the central point is absent.

Reasons why cybercriminals use Typosquatting


Image Credit: Gorodenkoff / Shutterstock.com

Typo hack incidents have risen so much in the past that they have prompted notable companies like Google, Apple, Facebook, and Microsoft to take some extra action. These companies now either record typographical variations of their domains or block typographical probability domains through the Internet Corporation for Assigned Names and Numbers (ICANN) service.

Here are some common reasons and motives behind typographic writing:

Creating malicious websites: Some cybercriminals use plagiarism to develop malicious websites that install malware or ransomware (such as WannaCry), phishing personal information, or stealing credit card data.

Bait and switch: Typosquatters creates fake websites to sell items that users are supposed to buy at the correct URL. While they get payment information from users, no items are sent to them.

imitators: Some typographers use fraudulent websites to perform phishing attacks on their victims.

parking field: Sometimes the owner of a typographic domain may try to sell the domain to the victim at an unreasonable price.

joke site: Some typographic tools create a website to make fun of a simulated brand or brand name.

List of search results: A typo may direct traffic dedicated to the real site to its competitors, charging them on a pay-per-click basis.

Surveys and giveaways: The fake website provides visitors with a feedback or survey form that aims to steal sensitive information.

income generation: Fake website owners may place ads or pop-ups to generate advertising revenue from unaware visitors.

Affiliate links: A fake site may redirect traffic back to the brand through affiliate links to earn a commission on all purchases via the brand’s legitimate affiliate program.

Related: Ways to spot a fake retail website

Methods of protection from burglary

A stack of domain names on the keyboard

Image Credit: maxxyustas /deposit

While searching for websites clogged with typos is not easy, there are several ways organizations and individuals can protect themselves from attempts at typographical burglary:

Brand your website domain

The best defense against typos is to register and trademark your website. A registered trademark allows you to file a Uniform Rapid Suspension (URS) claim with the World Intellectual Property Organization. This can also help you reject a website that you think is intended to deceive consumers away from your page into a typographical fraud website.

You can also register various spelling variations of your site, such as singular, plural, and hyphen variants, along with many extensions such as .org, .com, . net.

Use open source tools

An open source tool like dnstwist can automatically scan your website’s domain to determine if a typo attack is already in progress or waiting to occur. You can use dnstwist through a series of shell commands on Linux systems, but if you are in a hurry, you can try it out in your web browser by heading to dnstwist.it.

Monitor site traffic closely

Closely monitoring traffic is also an effective way to spot a typo attack. You can also set up an alert for any time there is a sudden drop in visitors from a specific area. This may indicate that users are being redirected to a fake website.

Host your domain with the right ISP

Some ISPs offer typo protection as part of their product offering. Therefore, it is a good idea to host your domain with these ISPs. Not only does this provide an extra layer of web filtering, but you are also alerted any time a user mistypes a URL and is redirected to an appropriate domain.

Find potentially spoofed domains

Many third-party vendors offer services to find potentially phishing domains. The World Intellectual Property Organization (WIPO) has a Uniform Domain Name Dispute Resolution Policy (UDRP) that allows trademark owners to file complaints against typos and restore the domain.

Use anti-spoofing technology and secure email

To mitigate typo attacks, you should also invest in anti-spoofing and secure email technology that can identify areas of typo and potential malware.

Related Topics: What is DMARC and How Does It Help Prevent Email Spoofing?

User training and awareness

Awareness is key when trying to defeat typographic domains. Enlighten yourself and your employees to stay vigilant against these fraud techniques. You can start by telling them to avoid going straight to websites. Instead of typing a website address each time into their browser, they can use a search engine or voice commands and bookmark sites instead.

Be proactive and reduce your typing speed

As human beings, we are prone to making mistakes, and writing is no exception. Typosquatting is a type of social engineering attack that relies on psychological manipulation of individuals and their vulnerabilities.

Certainly, we cannot prevent scammers from creating fake websites or buying all domains that fall under these criteria. However, we can still reduce these incidents by being more vigilant, proactive, and learning how this crime spreads.

Fingerprint protection
What are browser fingerprinting and how can you defend yourself against it?

A hidden practice marketers use, browser fingerprinting can track you across the Internet.

read the following

About the author

(Visited 1 times, 1 visits today)

Related posts