
Monday, July 8, 2013

Typosquatting: What it is and how to avoid it.

This blog post focuses on typosquatting: what it is and how you can avoid it.

Typosquatting, at its most basic level, is the act of taking advantage of common misspellings of an official website's domain name. The typosquatter may also take the deception further by using the same domain name under a different top-level domain.

An example of these ways of typosquatting can be found below:

Say the real website is example.com

You use a common misspelling such as exemple.com

The result: You are led to a different website than the one you intended to go to.

Alternatively, the website can have the exact same spelling but a different top-level domain, such as example.net or example.org.

Once on the typosquatter's website, the user can be deceived into believing that he or she has arrived at the correct website through the use of copied logos, website layouts, or content.

There are several different reasons for a typosquatter to buy a typo domain. These include, but are not limited to:

Selling the domain to the person or company who owns the legitimate website for a large profit.
To generate pay-per-click revenue from misspellings.
To redirect the typo traffic to a competitor.
To redirect to the legitimate website. This generates commissions for the typosquatter through the company's affiliate program.
To block malevolent use of the typo domain by others.

There are also ways that typosquatters can use a typo domain for purposes that are much worse than generating pay-per-click revenue:

To run a phishing scam against websites where someone must log in. This scam intercepts passwords that a victim enters unsuspectingly.
To install drive-by malware or revenue-generating adware onto a victim's computer.
To harvest misdirected email messages mistakenly sent to the typo domain.

To avoid this, you have two options that combat the problem as a whole:

Check the spelling of the website you enter into the address bar before you press enter.
Install a browser add-on such as Web Of Trust that can show you the reputation of the website. This can only work for websites that are not new, but considering that the number of users of Web Of Trust is at 81.5 million and counting, odds are it will not be long before many people notice the typo domain for what it is.
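
As an added example (not part of the original post), the spelling check from the first option can be automated: the Python code below compares a typed domain against a list of sites you trust and flags both kinds of typosquat described earlier, a misspelling and a top-level domain swap. The TRUSTED list, the function names and the distance threshold are assumptions made for illustration.

```python
# Added example: flag domains that look like typosquats of a known-good list.
# TRUSTED is a constructed allowlist; example.com is the post's own example.
TRUSTED = {"example.com"}


def edit_distance(a: str, b: str) -> int:
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cost = 0 if ca == cb else 1
            best = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + cost)
            # Two neighbouring letters typed in the wrong order count as one edit.
            if i > 1 and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                best = min(best, prev2[j - 2] + 1)
            cur.append(best)
        prev2, prev = prev, cur
    return prev[-1]


def split_domain(domain: str):
    """Split 'name.tld' on the last dot (assumes a simple two-label domain)."""
    name, _, tld = domain.lower().strip().rstrip(".").rpartition(".")
    return name, tld


def check_domain(typed: str, trusted=TRUSTED, max_distance: int = 2):
    """Return (verdict, trusted domain it resembles or None)."""
    typed_name, typed_tld = split_domain(typed)
    typed_full = f"{typed_name}.{typed_tld}"
    if typed_full in trusted:
        return ("trusted", typed_full)
    for good in sorted(trusted):
        good_name, good_tld = split_domain(good)
        # Same spelling, different top-level domain (example.net, example.org).
        if typed_name == good_name and typed_tld != good_tld:
            return ("tld-swap", good)
        # Same TLD, name within a couple of keystrokes (exemple.com).
        if typed_tld == good_tld and 0 < edit_distance(typed_name, good_name) <= max_distance:
            return ("misspelling", good)
    return ("unknown", None)
```

An "unknown" verdict only means the domain does not resemble anything on the trusted list; it says nothing about whether the site is safe.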

Thanks for reading. I invite users to comment with any questions or comments.
