Typosquatting, the malicious malware method that’s just one mistyped key away from your favorite websites

Typosquatting, or “typesquat” for short, has been around for years. It tricks people into thinking they are on the website they want to be on, when they are actually on a fake website that uses a similar name with one letter swapped or an s added to the URL.

Recently, cybersecurity experts have noticed a large uptick in usage of these malicious campaigns and are warning people to stay vigilant.  

These maIicious websites can be very difficuIt to spot. Many are direct clones of the actuaI website in design, and extremely convincing.  

In fact, if we told you that the above sentence actually has typos in it, you might be surprised, since we bet you did not notice. (Some of the L’s are actually upper case I’s!)

That’s the same premise behind the fake website URLs.

Typosquatting examples
  1. Direct typos – often accidentally stumbled upon by a misspelled letter when typing too fast

  2. Spelling errors – often when a brand name does not have a straightforward spelling, leading to confusion when searching for their website

  3. Regional spellings – example: favorite (US) versus favourite (UK)

  4. Hyphenated domain names – often with additional hyphens added (online-shop.com versus online-shop-here.com)

  5. Alternate URL endings – such as .com, .net, .co, .org, .web, etc., or specialized country domain endings such as .uk, .jp, etc.
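The patterns in this list, plus the upper case I for lower case l swap shown earlier, can be checked mechanically before a link is trusted. The Python below is an added example, not code from Cyble or BleepingComputer; the allowlist, the function names and the domain favorite-books.com are assumptions made for illustration.

```python
# Added example: compare a domain against an allowlist of known-good domains.
# ALLOWLIST is an assumption; favorite-books.com is a constructed sample.
ALLOWLIST = {"online-shop.com", "favorite-books.com"}

# Characters easily confused at a glance. Domains are lowercased first,
# so an upper case "I" standing in for "l" arrives here as "i".
CONFUSABLES = str.maketrans({"i": "l", "1": "l", "0": "o"})


def split_domain(domain):
    """Split 'name.tld' into (name, tld) at the last dot."""
    name, _, tld = domain.rpartition(".")
    return name, tld


def edit_distance(a, b):
    """Levenshtein distance: inserts, deletes and substitutions."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def check_domain(candidate, allowlist=ALLOWLIST):
    """Return (verdict, matched_domain) for one candidate domain."""
    cand = candidate.lower().rstrip(".")
    if cand in allowlist:
        return "legitimate", cand
    c_name, _ = split_domain(cand)
    for good in sorted(allowlist):
        g_name, _ = split_domain(good)
        if c_name == g_name:
            return "alternate-ending", good
        if c_name.translate(CONFUSABLES) == g_name.translate(CONFUSABLES):
            return "lookalike-characters", good
        if c_name.startswith(g_name + "-") or c_name.endswith("-" + g_name):
            return "added-hyphenated-word", good
        # Narrow heuristic: only the -or / -our regional variant.
        if c_name.replace("ou", "o") == g_name.replace("ou", "o"):
            return "regional-spelling", good
        if edit_distance(c_name, g_name) <= 1:
            return "direct-typo", good
    return "unknown", None
```

A verdict of "unknown" only means the domain does not resemble anything on the allowlist; it says nothing about whether the site is safe.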

Cyber intelligence firm Cyble recently published a report on this subject after discovering many fraudulent websites that are currently active as part of typesquat attacks. While many of the websites originally listed focused on mobile phone app downloads, a source from BleepingComputer.com was able to uncover further details on PC websites.


In total over 200 fake websites were found to be impersonating 27 popular brands. These websites included things such as malware, viruses, and cryptocurrency key snaggers.  

Some notable examples include fake Microsoft websites and a fake Notepad download site.  


While some browsers might give warnings when you try to visit a fake or malicious website, BleepingComputer reports that many of the sites they tried were not blocked or flagged as suspicious. It’s extremely important to check the validity of the URLs you are typing and visiting to make sure they are legitimate.

Ways to protect yourself from typosquatting:

Worried that your current cybersecurity practices, or lack thereof, are putting you and your company at risk? Call us today for a FREE Cybersecurity Risk Assessment where we’ll tell you if you’re Cyber Smart or unprepared. 646-374-1820.