As we navigate the internet, it’s easy to fall victim to scams that aim to trick us into revealing sensitive information or downloading malicious software. One such threat is known as typosquatting, a simple but effective cyberattack that can catch almost anyone unawares.
What is Typosquatting?
Typosquatting occurs when an attacker registers a domain name that is similar to a legitimate website’s domain name. One way they do this is using addresses with common typos, like Gooogle.com or Microsfot.com. They may then try to sell these domain names to the owners of the correct address – or they may use them to create fake websites designed to fool their victims.
The goal is to trick users into typing in the incorrect URL, which leads them to a fake website that may appear identical to the real one. Once you land on the malicious site, you may be prompted to enter sensitive information like your login credentials or credit card numbers.
How Does Typosquatting Work?
Typosquatters use various tactics to trick you into visiting their fake sites:
- Similar domain names, like the examples above. At first glance, these domains look the same as the ‘real’ address, but these fake website addresses prey on common typos – and they look legitimate at first glance too.
- Phishing emails and messages coming from a similar domain name can fool victims. Receiving an email from google-search.com may appear to have been sent by Google – but it wasn’t.Â
- Ads on reputable sites can be hijacked to redirect you to a typosquatted site.
How to Protect Yourself from Typosquatting
Protecting yourself against typosquatting attacks doesn’t have to be difficult:
- Double-check URLs. Before entering sensitive information or clicking a link, make sure the website address is spelled correctly.
- Verify website authenticity. Check if the website’s certificate is valid and trustworthy (look for “https” in the URL). You can also click the padlock icon in your address bar to learn more about the domain.
- Use antivirus software. Install reputable antivirus software that includes web protection to scan your browser for malicious sites. You can download a free trial of Panda Dome to get started right away.
- Keep your browser updated. Regularly update your browser and operating system to ensure you have the latest security patches which will help secure you against infection.
- Avoid suspicious links and ads. Be cautious when clicking on links or downloading attachments from unknown sources. If an offer seems too good to be true, it probably is.
Typosquatting is a very basic attack – and you can protect yourself simply by being aware of what you are typing and clicking online. The simple precautions outlined here will help you protect yourself from these types of cyberattacks.Â
Panda Security specializes in the development of endpoint security products and is part of the WatchGuard portfolio of IT security solutions. Initially focused on the development of antivirus software, the company has since expanded its line of business to advanced cyber-security services with technology for preventing cyber-crime.
Panda Free Antivitus
FREE TECHNICAL SUPPORT
