Have you ever wondered how much can a misspelled word cost you?
Imagine a scenario where instead of entering the URL “www.google.com”, you mistakenly entered “www.foogle.com” or “www.goggle.com”. It frequently happens in our day-to-day life that sometimes we end up entering a similar wrong URL with having just 1 or 2 additional or mismatched letters.
Typosquatting comes into picture when such typographical errors is made by the Internet users. If a user accidentally enters a wrong website address into the browser, the entered address may redirect the user to an alternate website that is usually designed by the hackers for malicious purposes. The alternate website owner gets free traffic. The hackers usually target well-known domains like Facebook, Google etc.
Causes of Typosquatting:
- Enter the misspelled domain name into the browser.
- Enter the wrong domain extension (such as .com instead of .org).
- Forget to include hyphen for a domain that includes a hyphen [NOTE: hyphen is the only special character allowed in the IDNS].
- Spelled differently from the registered one (such as colour instead of color).
- Redirect to an alternate website used for a malicious purpose such as phishing.
- Install malware or Ransomware to the PC without even clicking on the site.
- Steal confidential data of the Internet users such as credit card information.
- Steal the identity of the users for the purpose of Identity theft.
- Expose the users to Internet pornography.
Threats of Typosquatting:
All kinds of Internet theft is possible through Typosquatting. It can be very dangerous if the URL of a misleading domain is being entered. It can:
It is highly recommended to be careful while typing the domain name of a website. Apart from that, the following ways can be adapted to avoid typo-squatting.
- Bookmark or Pin Tab the websites that are frequently visited.
- Speech recognition softwares can be used to visit popular URLs such as www.google.com.
- Perform web searches and then click on the intended site from the web search results.
- Keep the antivirus software updated.
- Never click links in chats, messages, emails provided by suspicious senders.
- If you own a domain, try to register its typo versions before the hackers.
- Session Hijacking
- Advanced Session Hijacking and How to Protect Yourself
- Top 5 Open-Source Online Machine Learning Environments
- Serverless Computing and FaaS Model - The Next Stage in Cloud Computing
- 7 Essential Tips To Become A Good Technical Leader
- How To Launch A Startup - 8 Step Process!
- AWS Certification Path - Levels, Exam, Cost
- Top 10 Cloud Computing Research Topics in 2020
- How to Choose a Programming Language For a Project?
- Design Twitter - A System Design Interview Question
- Detailed Analysis on affects of Dynamic Typing and Concurrency on Python?
- How to Become a Cyber Security Engineer?
- Difference between Field Marketing and Digital Marketing
- Difference between Full stack developer and Software developer
If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to firstname.lastname@example.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.
Please Improve this article if you find anything incorrect by clicking on the "Improve Article" button below.