Skip to main content
 

I have assembled some information about  Typosquatting ,which is an issue that users may encounter, and which can bring about much confusion, and potentially serious consequences. 

 

If anyone can add to this information, provide input of experiences, or questions, then that would be most welcome. And I hope you may find this helpful and informative. Thanks. 

 

Beware the TypoSquatters 

 

Typo-squatting: Fast Turnaround for Fast Money   

  In the spring, Websense®️ Security Labs identified a rising trend in bold, well-researched, targeted fraud attacks using typosquatting and false headers as their primary gambit. Since then, these fraudulent attacks have continued, logging immense gains in both volume and success: the FBI’s Internet Crime Complaint Center (IC3) reports a 270% increase in identified victims and dollar losses since January. Since 2013, reported American losses to the scam identified as the Business Email Compromise (BEC) have totaled in excess of $740 million; non-U.S. victims have lost more than $51 million.

 Typosquatting: How Spelling Errors Could Lead to Scams | 

 It’s a common enough scenario, and familiar to most: When typing a URL in the Web browser’s address bar, you accidentally mistype the name. You may type ctibank.com instead of citibank.com, gacebook.com instead of facebook.com, or the ever popular gooogle.com instead of google.com.     

 

 Typos online aren't just a hassle,they're a hazard | High-Tech Bridge 

 

How one bad keystroke can lead you to SpeedUpKit 'scareware' | PCWorld 

 

 Typosquatting abuse of 500 most popular websites analyzed 

 

 http://hardwatersec.blogspot.co.uk/2015/03/implementing-passive-dns-monitoring-to.html 

 

The idea of typosquatting - registering a domain name which mimics that of a valid web site - is not a new concept.  In fact, in the US, laws aimed at preventing typosquatting were introduced as far back as 1999. In the beginning, typosquatting was a way to voice a gripe with the intended target or to generate advertising revenue from mistyped domain names. Criminal organization tactics evolved to use typosquatting as a way to deliver malware to anyone who accidentally happened upon the page.



Recent high profile attacks against Anthem BCBS and Premera Blue Cross highlight the evolution of typosquatting from opportunistic attacks to targeted attacks on specifically targeted organizations. While Premera has been tight-lipped about the methods used to breach their network, more is known about the Anthem attack.  Analysis of both attacks by outside sources, however, point to the involvement of typosquatting attacks.

 

 
Be the first to reply!

Reply


Terms & Conditions