Typosquatting, also known as URL hijacking or a fake URL, is a type of social engineering attack which targets internet users who incorrectly type a URL into a web browser—for example gooogle.com instead of google.com. When a user makes a typo like this, they may be led to an alternative website owned by a cybercriminal that is usually designed for malicious purposes, such as fraud or malware spreading. Users can also be lured there by a phishing email which contains a link to the typosquatted website.
How does it work?
A typosquatting attack starts with cybercriminals buying and registering a domain name that resembles a popular website's address but contains a common typographical error, so that unsuspecting users who mistype the URL land on it. Retailers, banks, and social media sites are all common targets.
The typosquatting domain is dangerous for any visitor. The fake website is usually designed to look like the real one, copying the organisation’s logo and design. Users who do not realise they are visiting a fake website may be tricked into giving away sensitive information, such as their username, password or credit card details.
One of the most notable real-world typosquatting examples comes from the 2020 US presidential election. In one report, Digital Shadows found 550 typosquats relating to the 34 presidential candidates. The fact that 66 of them were hosted on the same IP address and possibly operated by the same person shows how easy it is to launch such attacks. Facebook, Twitter, and Google have all had to use lawsuits or the threat of lawsuits to remove typosquatted domains.
Why should I care about it?
According to the IBM Cyber Security Intelligence Index Report, human error is the main cause of 95% of cyber security breaches. It’s easy to fall for a typosquatting attack through simple human error: typos, spelling errors, alternative spellings, hyphenated domains and wrong domain endings (.co instead of .com), or by clicking on a link that looks correct at first glance.
Preventing these attacks could help reduce breaches significantly. One key way to do this is with training. By providing employees with knowledge on the nature of these attacks, and what they can do to minimise the risk of falling victim to typosquatting, organisations can greatly reduce the risk of successful attacks.
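A defender's check for the error types listed above (typos, hyphenated domains, wrong domain endings), as an added example that is not part of the original article: it compares domains seen in DNS or proxy logs against a watch list of domains the organisation cares about. The watch list, sample domains and function names are constructed for illustration, and the code assumes bare registered domains with no subdomains.

```python
"""Flag observed domains that look like typosquats of protected domains."""

# Assumed watch list; "example-bank.com" is a constructed placeholder.
PROTECTED = ["google.com", "example-bank.com"]

def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)  # swapped neighbours
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]

def split_domain(domain):
    """Split 'name.tld' at the first dot (assumes no subdomains)."""
    name, _, tld = domain.lower().rstrip(".").partition(".")
    return name, tld

def classify(observed, protected=PROTECTED):
    """Return (protected_domain, reason) for a lookalike, else None."""
    name, tld = split_domain(observed)
    targets = [split_domain(p) for p in protected]
    if (name, tld) in targets:
        return None  # the genuine domain itself
    for target, (t_name, _) in zip(protected, targets):
        if name == t_name:
            return target, "wrong domain ending"
        if name.replace("-", "") == t_name.replace("-", ""):
            return target, "hyphenation variant"
        if osa_distance(name, t_name) == 1:
            return target, "one-character typo"
    return None

def scan(domains):
    """Map each suspicious domain to the protected domain it imitates."""
    return {d: v for d in domains if (v := classify(d))}

if __name__ == "__main__":
    # Constructed sample of domains, e.g. pulled from DNS or proxy logs.
    seen = ["google.com", "gooogle.com", "google.co", "goolge.com",
            "examplebank.com", "python.org"]
    for domain, (target, reason) in scan(seen).items():
        print(f"{domain}: imitates {target} ({reason})")
```

A distance threshold of 1 keeps false positives low but misses lookalikes that differ by two or more characters, so treat a clean result as a lower bound rather than proof that no typosquats exist.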
Who’s talking about it?
From Microsoft and McAfee to Proofpoint and Kaspersky, all the major cybersecurity players are talking about it and have dedicated pages to it on their websites, demonstrating its importance.