Typosquatting: How a Simple Typo Can Lead to Trouble

Typosquatting protection starts with education

Typos happen. But typosquatting can render big problems for those who mistype into the browser bar these days. But what is typosquatting? What risks does it pose to searchers, and how can you ensure typosquatting protection for your business and your employees? Let's take a closer look.

Misspelling words or mistyping them is simply a part of our modern, tech-driven lifestyles. In most cases, a misspelled word might just require a quick edit. But when searching from the browser bar, correct spelling becomes extremely important. That's because cybercriminals and opportunists know we make typing errors and misspellings...and they've perfected the art of capitalizing on it through typosquatting.

What is typosquatting?

Typosquatting is the practice of registering domain names that are misspelled intentionally, or using a different suffix (for example, .com versus .gov), with the knowledge it's likely internet searchers will misspell a site URL. It's sometimes referred to as URL hijacking. In some cases, those who purchase the misspelled URL simply hawk their wares—they trick you into going to the site so they can capture business. But others who practice typosquatting have decidedly more sinister intentions, sometimes infecting your system with malware, or capturing your data. Cybercriminals will even create a website that looks like the legitimate site you are trying to reach so they can get your usernames, passwords, and other private information. Typosquatting is definitely a "searcher beware" situation.

Typosquatting protection: What you need to know

Here are our best tips for protecting yourself, your business, and your employees from typosquatting scams.

• Type with care. When you are searching for a specific URL, take your time and double-check what you've typed. Don't click on the URL until you are certain it is the right one. Sophisticated cybercriminals are gifted at making sites look like the ones you intended to visit.
• Beware of unsolicited emails. Unsolicited emails can contain links to malicious sites and malware. Even if the emails look legitimate, type the site you know and trust into the browser bar or search for the legitimate site before you proceed. Links within seemingly legit emails can easily trick users into going to a typosquatting URL. And often the difference in the site URL is so slight it cannot be easily spotted.
• Lock it in. Check the upper-left-hand corner of your browser to make sure you see a padlock symbol whenever you are entering important information into what appears to be your financial institution. Remember, typosquatting sites often are crafted to look like legitimate financial institutions for which you are a customer, and these scams aim to capture your passwords, usernames, and other account information. Another way to lock it in is by partnering with Locknet Managed IT for your IT and network security needs.

Security awareness training protects you from typosquatting and other security threats

Protecting your employees and your business from typosquatting risks starts with education. Security Awareness Training from an IT partner you know and trust can ensure your staff is up to date on the latest security threats, including typosquatting scams. If you are searching for a Security Awareness Training provider near you, the experts at Locknet Managed IT can help. Contact us to speak with an expert about how we can help protect your business, your clients, and your employees from network security risks and cybercrimes like typosquatting scams.