Typosquatting (also known as URL hijacking, sting sites, or fake URLs) is a form of cybercrime in which attackers register domain names that are common misspellings of popular, legitimate websites. The goal is to catch users who make a typo while entering a web address in the browser and deliver them to a malicious site instead of the real one.
How Does Typosquatting Work?
The entire scheme relies on human error, specifically fat-fingered typing or cognitive slips (misremembering how a name is spelled). Here is a typical scenario:
- User Typo: You intend to visit bankofamerica.com, but you accidentally type bankofameirca.com (swapping the ‘r’ and ‘i’).
- Resolution: Because the attacker registered the misspelled name, you get no error page; the name resolves to the attacker's server, which serves a copy of the official Bank of America login page.
- Trap: Believing you are on the legitimate site, you enter your username and password. The attacker has now captured your credentials and can replay them against the real site.
Common Types of Typosquatting Tactics
Attackers use several variations to register confusingly similar domains:
- Common Misspellings: Swapping, dropping, or doubling letters, or hitting an adjacent key (e.g., googel.com or gogle.com instead of google.com).
- Combosquatting: Adding a word to the correctly spelled brand name, usually with a hyphen (e.g., netflix-login.com or apple-security.com). Because the brand itself is spelled correctly, this does not depend on a typo at all and works just as well in a phishing link as in a typed address.
- Alternative Top-Level Domains (TLDs): Using a different extension, such as amazon.co or paypal.om instead of .com. Both are real country-code TLDs (Colombia and Oman) and are exactly one missing keystroke away from .com.
- Punctuation Changes: Adding or removing hyphens or dots, like face-book.com, or dropping the dot after www so that the whole address is typed as one label (wwwexample.com).
- Homograph Attacks (Look-alike characters): Using characters from other alphabets (such as Cyrillic) that look identical to Latin characters, for example replacing a Latin ‘o’ with a Cyrillic ‘о’. To the naked eye the URL looks perfect, but it is a different name and routes to a different server. Such names are stored in DNS in their Punycode form (labels beginning with xn--), and most modern browsers display that form instead of the look-alike text when a label mixes scripts, although the exact rules differ per browser and are not a complete defense.
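The tactics above are mechanical, which is why both attackers and brand-protection teams enumerate them with scripts rather than by hand. The following is an added example, not code from the original article: a small Python generator that produces candidate look-alike domains for one brand using the four tactics described (keystroke errors, combosquatting, alternative TLDs, and single-character homoglyphs) and shows the ASCII (Punycode) form that DNS actually resolves. The homoglyph table, the QWERTY neighbour table, the word list and the TLD list are hand-picked assumptions for illustration, not exhaustive data.

```python
# Added example (not from the original article): enumerate typosquat candidates
# for one brand domain. All tables below are small illustrative assumptions.

# Latin letter -> look-alike characters. The Cyrillic entries are the homograph
# trick; the ASCII ones (rn for m, vv for w, 1 for l) fool the eye in a Latin string.
HOMOGLYPHS = {
    "a": ["\u0430"],            # CYRILLIC SMALL LETTER A
    "e": ["\u0435"],            # CYRILLIC SMALL LETTER IE
    "o": ["\u043e", "0"],       # CYRILLIC SMALL LETTER O, digit zero
    "i": ["\u0456", "1", "l"],  # CYRILLIC SMALL LETTER BYELORUSSIAN-UKRAINIAN I
    "l": ["1", "I"],
    "m": ["rn"],
    "w": ["vv"],
}

# Neighbouring keys on a QWERTY layout, for fat-finger substitutions (assumed table).
QWERTY_NEIGHBOURS = {
    "q": "wa", "w": "qes", "e": "wrd", "r": "etf", "t": "ryg", "y": "tuh",
    "u": "yij", "i": "uok", "o": "ipl", "p": "o",
    "a": "qsz", "s": "awdz", "d": "sefx", "f": "drgc", "g": "fthv",
    "h": "gjyb", "j": "hkun", "k": "jlim", "l": "ko",
    "z": "asx", "x": "zsdc", "c": "xdfv", "v": "cfgb", "b": "vghn",
    "n": "bhjm", "m": "njk",
}


def typo_variants(label):
    """Single-keystroke errors in one DNS label: transposition, omission,
    doubled letter, and adjacent-key substitution."""
    out = set()
    n = len(label)
    for i in range(n - 1):                      # swap two adjacent letters
        out.add(label[:i] + label[i + 1] + label[i] + label[i + 2:])
    for i in range(n):                          # drop a letter
        out.add(label[:i] + label[i + 1:])
    for i in range(n):                          # double a letter
        out.add(label[:i] + label[i] + label[i:])
    for i, ch in enumerate(label):              # hit a neighbouring key
        for k in QWERTY_NEIGHBOURS.get(ch, ""):
            out.add(label[:i] + k + label[i + 1:])
    out.discard(label)                          # swapping two equal letters gives the original back
    return out


def generate_candidates(domain, words=("login", "secure"), tlds=("co", "om", "net")):
    """Map each look-alike domain to the tactic that produces it."""
    label, tld = domain.lower().rsplit(".", 1)
    candidates = {}
    for v in typo_variants(label):
        candidates[f"{v}.{tld}"] = "typo"
    for w in words:                                 # combosquatting, with and without hyphen
        candidates[f"{label}-{w}.{tld}"] = "combosquat"
        candidates[f"{label}{w}.{tld}"] = "combosquat"
    for t in tlds:                                  # alternative TLD, brand spelled correctly
        candidates[f"{label}.{t}"] = "tld"
    for i, ch in enumerate(label):                  # exactly one homoglyph substitution
        for g in HOMOGLYPHS.get(ch, []):
            candidates[f"{label[:i]}{g}{label[i + 1:]}.{tld}"] = "homoglyph"
    candidates.pop(domain.lower(), None)
    return candidates


def to_ascii(host):
    """The form DNS actually resolves: non-ASCII labels become Punycode (xn--)."""
    return host.encode("idna").decode("ascii")


if __name__ == "__main__":
    for cand, tactic in sorted(generate_candidates("bankofamerica.com").items()):
        print(f"{tactic:10} {cand:30} -> {to_ascii(cand)}")
```

Running it for bankofamerica.com lists bankofameirca.com from the scenario above as a transposition, and the variant with a Cyrillic ‘а’ encodes to an xn-- label, which is the spelling a DNS query, a WHOIS record or a certificate-transparency log would show. A brand-protection team feeds this kind of list to WHOIS and DNS lookups to learn which candidates are already registered, and registers the rest defensively.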

What is the Goal of a Typosquatter?
- Phishing & Data Theft: Mimicking the original site to steal login credentials, credit card details, or personally identifiable information (PII).
- Malware Distribution: Setting up the site to automatically trigger drive-by downloads, infecting the visitor’s device with ransomware, spyware, or keyloggers.
- Ad Revenue (Affiliate Fraud): Loading the page with ads, or redirecting the user to the legitimate site through an affiliate link so that the brand pays a commission for traffic it would have received anyway.
- Domain Flipping (Extortion): Holding the misspelled domain hostage and trying to sell it back to the actual brand at an exorbitant price.
How Can You Protect Yourself?
Because typosquatting relies on user error, the best defenses are proactive browsing habits:
- Bookmark Important Sites: Bookmark your financial institutions, email providers, and frequently visited sites rather than typing the URL manually every time.
- Use Search Engines: If you aren’t 100% sure of a URL, search for the brand and prefer the organic result over sponsored placements, which attackers have also abused to advertise look-alike domains.
- Look for Security Clues: Double-check the address bar before entering any sensitive information. Look closely for swapped letters, extra dashes, odd domain extensions, or a label starting with xn--. A padlock or https:// is not proof of legitimacy: the attacker owns the misspelled domain and can obtain a perfectly valid certificate for it.
- Use Autofill or a Password Manager: Browser autocomplete, voice search, and especially a password manager avoid manual typing mistakes that route you to the wrong server. A password manager also fills credentials only on the exact domain they were saved for, so a login page where it unexpectedly refuses to autofill is itself a warning sign.
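For the "look for security clues" advice, here is the check a careful eye performs written as code. This is an added example, not code from the original article: given a hostname about to receive credentials and a constructed watchlist of legitimate domains, it decodes any Punycode, flags labels that mix Unicode scripts (the homograph case), and compares the label with each watched brand for an alternative TLD, an added word (combosquatting), or a small Damerau-Levenshtein edit distance (one transposition such as bankofameirca counts as a single edit). The watchlist, the edit-distance thresholds and the single-label-TLD assumption are illustrative choices.

```python
# Added example (not from the original article): flag look-alike hostnames
# against a constructed watchlist of legitimate domains.
import unicodedata

# Constructed watchlist for this example.
WATCHLIST = ("bankofamerica.com", "google.com", "paypal.com")


def registrable_parts(host):
    """'www.example.com' -> ('example', 'com'). Assumes a single-label TLD; a real
    implementation would consult the Public Suffix List to handle e.g. co.uk."""
    labels = host.lower().rstrip(".").split(".")
    if len(labels) < 2:
        return labels[0], ""
    return labels[-2], labels[-1]


def scripts_in(label):
    """Unicode scripts used by the letters of a label, read from the first word of
    each character's Unicode name (LATIN, CYRILLIC, GREEK, ...)."""
    return {unicodedata.name(ch, "UNKNOWN").split(" ")[0] for ch in label if ch.isalpha()}


def damerau_levenshtein(a, b):
    """Edit distance where swapping two adjacent letters costs 1 (optimal string
    alignment), so bankofameirca is one edit from bankofamerica, not two."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1, d[i][j - 1] + 1, d[i - 1][j - 1] + cost)
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)
    return d[len(a)][len(b)]


def check_host(host, watchlist=WATCHLIST):
    """Classify a hostname as 'ok', 'suspicious' or 'unknown', with a reason."""
    shown = host.lower()
    if "xn--" in shown:                       # browser showed Punycode: recover the glyphs
        try:
            shown = shown.encode("ascii").decode("idna")
        except UnicodeError:
            return "suspicious", "label is not valid Punycode"
    label, tld = registrable_parts(shown)
    if f"{label}.{tld}" in watchlist:
        return "ok", "exact match with watchlist"
    scripts = scripts_in(label)
    if len(scripts) > 1:                      # homograph: e.g. Latin and Cyrillic in one label
        return "suspicious", f"label mixes scripts {sorted(scripts)}"
    for brand in sorted(watchlist):
        blabel, btld = registrable_parts(brand)
        if label == blabel and tld != btld:   # brand spelled right, wrong TLD
            return "suspicious", f"{blabel} under .{tld} instead of .{btld}"
        if blabel in label.replace("-", "") and label != blabel:   # combosquatting
            return "suspicious", f"combosquat of {brand}"
        limit = 2 if len(blabel) >= 8 else 1  # allow more slips on longer names (assumed)
        if 0 < damerau_levenshtein(label, blabel) <= limit:
            return "suspicious", f"within {limit} edits of {brand}"
    return "unknown", "no resemblance to any watched domain"


if __name__ == "__main__":
    homograph = "g\u043e\u043egle.com".encode("idna").decode("ascii")  # Punycode form
    for h in ("www.google.com", "bankofameirca.com", "google-login.com",
              "paypal.om", homograph, "example.org"):
        print(h, "->", check_host(h))
```

One limitation worth knowing: a label written entirely in a single non-Latin script passes the mixed-script test, because nothing is mixed. Catching whole-script confusables needs a confusables table such as the data published with Unicode Technical Standard #39, which this example omits.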