Typosquatting/URL Hijacking

Have you ever wondered how much can a misspelled word cost you? Imagine a scenario where instead of entering the URL “www.google.com”, you mistakenly entered “www.foogle.com” or “www.google.com”. It frequently happens in our day-to-day life that sometimes we end up entering a similar wrong URL with having just 1 or 2 additional or mismatched letters. Typosquatting comes into picture when such typographical errors is made by the Internet users. If a user accidentally enters a wrong website address into the browser, the entered address may redirect the user to an alternate website that is usually designed by the hackers for malicious purposes. The alternate website owner gets free traffic. The hackers usually target well-known domains like Facebook, Google etc. Causes of Typosquatting:

1. Enter the misspelled domain name into the browser.
2. Enter the wrong domain extension (such as .com instead of .org).
3. Forget to include hyphen for a domain that includes a hyphen [NOTE: hyphen is the only special character allowed in the IDNS].
4. Spelled differently from the registered one (such as colour instead of color).
   1. Redirect to an alternate website used for a malicious purpose such as phishing.
   2. Install malware or Ransomware to the PC without even clicking on the site.
   3. Steal confidential data of the Internet users such as credit card information.
   4. Steal the identity of the users for the purpose of Identity theft.
   5. Expose the users to Internet pornography.
      • Bookmark or Pin Tab the websites that are frequently visited.
      • Speech recognition softwares can be used to visit popular URLs such as www.google.com.
      • Perform web searches and then click on the intended site from the web search results.
      • Keep the antivirus software updated.
      • Never click links in chats, messages, emails provided by suspicious senders.
      • If you own a domain, try to register its typo versions before the hackers.