Typo-squatting, also known as URL hijacking and fake URLs, is a type of attack that takes advantage of typos and other errors that Internet users make when entering website addresses into their web browsers.
If a user accidentally enters the wrong website address, they could be directed to another malicious URL
Typo-squatter URLs usually have similar characteristics to the original site address and fall into the following categories
- Common misspellings or foreign spellings of the intended site
- Misspellings due to typos
- Plural forms of singular domain names
- Different top-level domains. (.com instead of .org)
- Abuse of country code top-level domains (ccTLDs) (e.g., .cm instead of .co, .om instead of .com)
Typo-squatter similarities
Convosquatting: not a misspelling, but the addition of an arbitrary word that looks legitimate but can be registered by anyone.
Doppelganger domain: omitting periods or inserting extra periods
Doppelganger domain: omitting periods or inserting extra periods
Also seen is the behavior of appending terms such as “sucks” and “-suckes” to domain names
When visiting a typosquatter site, the logo, website layout, and content may be similar to the site used by the original domain, giving the user the illusion that they are actually on the real site.
Spammers sometimes use typo-squatting URLs to direct users to malicious sites that look like a certain bank’s site
Comments