What is Typosquatting?
Cybercriminals nowadays are getting increasingly creative in their phishing attacks. Typosquatting is a specific form of cybersquatting, which is the practice of registering domain names, in particular using very well-known brand names or companies, under the hope to resell them to the trademark or name owner for a profit.
Typosquatting involves including typos or misspellings in the domain name, so that internet users who accidentally misspell the domain name in the browser end up on the typosquatted domain and therefore visit the fake website, for example goggle.com instead of google.com.
Other scams include the website visitor being lured to the website via a phishing link which then takes them to the typosquatted website to possibly spread malware to the visitor’s device or acquire sensitive information. Typosquatting is also referred to as URL hijacking or fake URLs.
What do Typosquatters want to accomplish?
There’s various reasons why cybercriminals use Typosquatting.
- Acquiring sensitive information through domain spoofing (e-mail addresses, login credentials, credit card information) in order to commit identity theft.
- Selling advertising space on their website using similar domain names with common misspellings to popular brand and company names drives a lot of traffic to the site.
Redirecting to competitors’ websites Taking away from a company’s revenue and reputation by redirecting from to a competitors’ website. - Creating a loss of revenue and reputation for the popular websites big enough for them to want to acquire the typo domain to redirect it to their legitimate website.
How can website visitors detect cybercrime like Typosquatting?
- For any web addresses, check the URL’s spelling is correct.
- Always check the encryption of the website you are visiting. If a keylock symbol appears left to the web address, the website is authenticated by an SSL certificate.
- Confirm a business’s correct website address with support services or contact them directly.
What can you do against Typosquatting?
As a brand or business owner with a domain portfolio, protecting your domains should be one of your main priorities of your cybersecurity strategy. Protecting yourself against cybersquatters’ attacks is a big part of that – and BrandShelter can help you with this.
With our help, we can monitor the malicious websites and misspelled domains for expiry dates ready for you to add them to your portfolio. With our anonymous domain acquisition services, we can ensure you are not paying high amounts as your information will remain private and confidential.
In more severe cases, domain disputes can be solved via the legal route. One option is to file a Uniform Domain-Name Dispute-Resolution Policy (UDRP) complaint with ICANN. Additionally, in the United States, legal action can be taken under the Anti-Cybersquatting Consumer Protection Act (ACPA). Our legal team can help support you with these proceedings.
Contact us to find out how our brand protection services, DNS services and SSL certificates can help you protect your brand and your business from irreparable damage through cybercrime.
Protect your brand today.
Get in touch today to start your BrandShelter account