Another common internet scam is typosquatting or URL hijacking. Typosquatting is a type of cybercrime that involves websites creating that simulate well-known sites. Domain names registered by cybercriminals are very similar in spelling to real websites addresses. A mistake in a fictitious address is deliberately allowed by attackers. Thus, the attack is targeted at users who accidentally incorrectly enter the website address directly into the address bar. Cybersquatters register several domain names with a common (often misspelled) target address.
The main purpose of such fraud is: distribution of malware, scams, phishing campaigns, etc. Most of all, attackers are interested in social media, financial organizations, trading platforms where is a possibility to earn money on users. Users are often unaware that they are browsing or shopping on a bogus site.
Typosquatting is possible due to typos, spelling errors, or misunderstandings of a popular domain name. A user who made a mistake and did not notice it may accidentally end up on the attacker’s site. One of the victims of typosquatting was Google in 2006 by the site Goggle.com, which is considered phishing. Attackers also look for similar URLs such as foogle.com, hoogle.com, boogle.com, etc. Typosquatting poses a serious cybersecurity threat to businesses with high traffic volumes.
The main types of typosquatting:
The popularity of typosquatting is forcing large companies (Apple, Google, Facebook, Microsoft etc.) to register different variations of their domains or block potential misspelled domains through the Internet Corporation for Assigned Names and Numbers (ICANN).
How to avoid typosquatting?