By Alan Graner
You’ve done it dozens of times. You type a URL and suddenly you find yourself on a strange website.
Instantly you know the problem. You misspelled the URL. Maybe you added a letter, left one out, transposed a couple. So you hit your forehead or emit an exasperated snort and reenter the correct URL.
Just minor inconvenience. Right?
Wrong, Sunshine. That little error can get you into BIG trouble.
Or so says a report on typosquatting by Sophos, the IT security and data protection company http://nakedsecurity.sophos.com/typosquatting/.
What is typosquatting?
According to Sophos, “Typosquatters register mis-spellings of popular domains in the hope that they will be able to make money out of traffic from unintentional typing mistakes, or fat-finger errors, made by internet surfers.”
Are typosquatting sites dangerous?
Only 0.01% of typosquatting sites infect visitors with malware.
So typosquatting is basically benign, yes?
Besides the danger of cybercrime or infection, there are other hazards such as:
- Bait and switch: Typosquatters for popular destinations like iTunes redirect you to their own websites where they hope to induce to use their services instead.
- Brand abuse: Typosquatters pass off their bogus sites as the real thing. So when you type “Googel,” for example, you end up on a fake Google website that looks exactly like the real thing. The payoff? When you click on a revenue-generating link, the money goes to the typosquatter.
At best, typosquatters hope to make money off your mistyping. At worst, they lead you into risky online actions. Just be aware.
For the complete Sophos report, “Typosquatting—what happens when you mistype a website name?”—visit the Naked Security Blog at http://nakedsecurity.sophos.com/typosquatting/
Do you have any typosquatting misadventures you’d like to share?
Image: Benjamin Stone via Flickr®
Alan Graner is Chief Creative Officer at Daly-Swartz Public Relations, an Orange County, CA business marketing content and distribution firm. For content that makes you stick out from the crowd, email Jeffrey Swartz at firstname.lastname@example.org. Or visit www.dsprel.com.