Typosquatting, the malicious malware method that’s just one mistyped key away from your favorite websites
Typosquatting, or “typesquat” for short, has been around for years. It’s a way that tricks people into thinking they are on the website they want to be, however it is a fake website using a similar name but one letter swapped, or an s added to the URL.
Recently, cybersecurity experts have noticed a large uptick in usage of these malicious campaigns and are warning people to stay vigilant.
These maIicious websites can be very difficuIt to spot. Many are direct clones of the actuaI website in design, and extremely convincing.
In fact if we told you that the above sentence actually has typos in it you might be surprised since we bet you did not notice. (Some of the L’s are actually upper case I’s!)
That’s the same premise for the fake website URL’s.
Cyber Intelligence firm, Cyble, recently published a report on this subject after discovering many of the fraudulent websites currently active as part of typesquat attacks. While many of the websites originally listed focused on mobile phone downloads for apps, a source from BleepingComputer.com was able to uncover further details on PC websites:
In total over 200 fake websites were found to be impersonating 27 popular brands. These websites included things such as malware, viruses, and cryptocurrency key snaggers.
Some notable examples include fake Microsoft websites and a fake Notepad download site.
While some browsers might give warnings when you try to visit a fake or malicious web site, BleepingComputer reports that many they tried were not blocked or flagged as suspicious. It’s extremely important to check the validity of the URL’s you are typing and visiting to make sure they are legitimate.
Ways to protect yourself from typosquatting: