.png)
As we enter Halloween, the larger national holidays such as Thanksgiving and Christmas are closing in. It’s a stressful time of year, causing a lot of folks to not act rationally how they usually would. Scammers are aware of this more than ever and will do whatever it takes for you to fall into their trap. How do they try to get you? Sometimes it’s not as obvious, sometimes its overlooking how a website HTTP link is typed out incorrectly. The term for this type of social engineering scam is called Typo squatting.
What is Typo Squatting?
Typo squatting is a social engineered attack that targets internet users who incorrectly type a URL into their web browser rather than using a search engine. The 'typo' in typo squatting refers to the small mistakes people can make when typing on a keyboard. Of course, it isn’t our main intention to incorrectly misspell a website, we usually expect Google or our devices to understand what we are looking for and bring us to the correct location. Instead hackers use that to their advantage to lure you in for a much larger attack.
With the proper engineering tactics, scammers will mimic the website you are searching for in looks and feel. If you don’t catch on to it soon, submitting sensitive information will bear some heavy consequences to be dealt with at a later more inconvenient point in time.
How Does This Particular Social Engineered Scam Work/Affect Me?
Like an artist trying to become known on social media platforms and utilizing search engines, they also make the choice to buy a personalized domain name aligning with their branding. Scammers do similar actions but will buy multiple domains, especially misspelled ones. We are so used to the ‘Did You Mean ___?” that we would think it’s the correct website to understand what we were referencing as. Since a lot of this information has gotten easier to access, it also allows scammers to cover all bases to try and trick unsuspecting victims through URLs whether through search engines or website links through emails.
Examples of Misspelled Domains:
- gooogle.com
- hoogle.com
- foogle.com
(Letters that are close to the letter 'g' on a qwerty keyboard)
examplle.com - americanaairlines.com (Personally had to catch my spelling on this one earlier this year but lots of good cybersecurity training made all the difference)
- YouTubee.com
- Roverr.com
While misspelled domains aren’t going to magically go away in the evolving cybersecurity environment, the real danger is when real users begin to visit the website through a phishing attempt via email or by accidental spelling error.
Upon arrival, sometimes there may be the screen that pops up ‘this website is not using secure network”. If that doesn’t pop up, the typo squatting website will mimic the website its impersonating using the same logo and design as the real organizations.
At the end of the day, typo squatters rely on user confusion and human error, something that makes us human.
Wrong Domain Endings
As we usually focus on the spelling of a domain, another consideration are wrong domain endings.
Some wrong domain endings to keep aware of especially if they’re international are:
- .com
- .org
- .web
- .shop
The most common one that we usually see if .co which can look abbreviated to .com but that lack of ‘m’ is intentional and to throw you off.
How to Protect Yourself and How Ekaru Can protect You from Typo Squatting
- When being sent an email, an example can be;
“Hey! I would like to commission you on this music video, here’s the YouTube link.” An artist that relies on commissions appears as a great opportunity, especially if they are transparent about pricing. However, it’s essential to avoid clicking on links from people you do not know. This also implies text messages, social media, chats, unknown websites, and fake order confirmations. - Unless it is someone you know and trust, avoid opening any email attachments.
- Use software that protects you from typo squatting scams before they reach your inbox. Ekaru provides software’s such as Threat locker, Black point, Webroot and more!
- Worried about losing your favorite site, bookmark them! More efficient and don’t have to type it in your web browser either.
- If you are curious the link that is sent, hover over it with your mouse to inspect before clicking.
Steps for Organizations
For organizations an IT/MSP provider like Ekaru is essential to help your organization stay a step ahead from meticulous cyber attempts and monitoring for inaccurate domain registrations. By continuous domain registrations and traffic patterns, we can help quickly identify lookalike or fraudulent domains that are maliciously designed to deceive users.
Our team has tools that will block malicious pages - So, if you go onto a website that possibly is malicious, our logo appears saying ‘Ekaru blocked this website from your organization’ from there you must request permission through us if you want to access this website.
Aside, Ekaru also provides exceptional employee cybersecurity awareness training and protective threat intelligence to stay ahead of emerging scams.
The combination of technology, vigilance, attention to detail, and education Ekaru provides makes us an essential part of your small to medium sized business to protect themselves from typo squatters, scammers, and email phishing attempts alike.
Interested in learning more about our services and taking the next step for your business cybersecurity needs? Reach out to Ekaru today by giving us a call at 978-692-4200 or visiting our website to see our services, what clients are saying about us and getting to know our team!