You've likely heard of denial of service (DoS) and supply chain attacks, but what about typosquatting? It's a relatively unknown cybercrime event that could install malware and ransomware onto your computer, jeopardizing your entire business. Here's everything you need to know about this type of cybercrime and how to prevent typosquatting from happening.
Typosquatting — or URL hijacking — involves cybercriminals registering and purchasing misspelled URL domains in the hope that someone like you will accidentally type that domain into your internet browser.
Here's a real-life example to make things clearer:
In 2006, criminals purchased the URL Goggle.com because it looks similar to Google.com, the world's most-visited website. Many internet users accidentally landed on the former because they had misspelled Google — easily done when quickly typing domain names into a browser. Goggle.com — the misspelled domain — bombarded visitors with malicious ads and pop-up windows and downloaded malware onto users' computers.
Why is typosquatting a security threat?
Here are some reasons why typosquatting is a danger to businesses like yours, as team members might:
- Be unaware they are on a different website than the one they intended to use, especially if the typosquatting domain has a similar appearance
- Hand over personally identifiable information on a typosquatting domain
- Inadvertently download malware, adware, and other threats when visiting a typosquatting domain
How to prevent typosquatting
Here's how to protect against URL hijacking:
- Double-check the spelling of every domain you enter into the address bar.
- Look for the lock symbol on the left of your address bar. This symbol means an encrypted connection exists between your browser and the website's server.
- Check your domain has the "HTTPS" prefix, which indicates a secure domain.
- Access websites by typing their name into Google and clicking on the first relevant link on the results page.
Package typosquatting involves cybercriminals creating fraudulent package manager configurations with similar names to legitimate ones. Like URL typosquatting, these criminals hope developers or other team members make typos when searching for dependencies.
An example of package typosquatting is a hacker making different combinations of potential typos for the Python library OpenCV Python. Developers who type 'openccv-python' instead of 'opencv-python' might access a fake dependency that leaves your business systems open to security vulnerabilities.
As well as double-checking dependency names when typing them, you can invest in a package management solution that scans for vulnerabilities and protects your business.
Typos are common when searching for information online. Criminals exploit these errors by creating domains with similar names to popular websites, hoping your team members will land on these pages. Hackers can then phish for sensitive information or cause employees to download malware and other security threats onto systems. Learning how to prevent typosquatting from happening will protect your business.
(Image courtesy: Unsplash)