Be careful the next time you try to visit a website by typing the URL into the address bar of your browser – you might land on a website hosting ads for scam products, or worse, a website designed for phishing or hosting malware.
“Typosquatting” is when a crook or scammer registers misspelled domain names (think faceboook or goggle) in the hope of stealing traffic from those legitimate sites for nefarious purposes.
A few years ago, we conducted an experiment to find out how widespread and dangerous typosquatting is, surveying all possible one-character typing errors for six .com domains: Facebook, Google, Twitter, Microsoft, Apple and, for comparison, Sophos.
We discovered 1500 of these websites were registered, including 3% of them we classified as related to cybercrime.
Unfortunately, typosquatting goes way beyond those six companies and websites on the .com top level domain (TLD) that we studied.
As of March 2016, there are more than 1200 TLDs assigned by the Internet Corporation for Assigned Names and Numbers (ICANN) – the non-profit organization responsible for managing the top-level domain name system and Internet Protocol (IP) allocation – from .TV and .biz to .XXX and .sucks.
And there are 251 country code TLDs, representing nearly every country and overseas dependent territory on Earth.
Researchers from the cybersecurity company Endgame recently stumbled across typosquatters taking advantage of the county code for Oman, .om, by mistyping netflix.com as “netflix.om.”
This page led to a page with a pop-up warning users to update their Flash player, a tactic used by cybercriminals to trick people into downloading malware.
Investigating further, the Endgame researchers discovered hundreds of typosquatting sites targeting well-known organizations using the .om TLD, including Netflix, TripAdvisor, the BBC, Twitter, Hyatt and Panasonic.
According to Endgame, “the vast majority of .om registered domains are malicious,” and they are receiving a “non-trivial amount of traffic.”
Equally concerning, says Endgame, is that many popular brands have not registered .om domains, and therefore are vulnerable to typosquatting.
Endgame found that a handful of enterprising scammers have taken advantage of the fact that several websites are selling .om domains, with only a legitimate email address needed for identification.
Typosquatting is costly for businesses – according to the Coalition Against Domain Name Abuse (CADNA), trademark owners who want to pay to block registration of their names across hundreds of new gTLDs could pay as much as $330,000 to protect their brands from cybersquatters.
CADNA says there aren’t enough legal protections for brand owners, or strong enough penalties to keep squatters in check.
But there is something you can do to fight the typosquatting problem, by making it less profitable.
Avoid potentially harmful domains by bookmarking your favorite websites and using search engines instead of typing the web address.
You can get more tips and advice in this helpful article about typosquatting and phishing sites.
To see quick overview of our typosquatting report, check out the following video.
(No video? Watch on YouTube. No audio? Click on the [CC] icon for subtitles.)
Image of computer mouse trap courtesy of Shutterstock.com.
