In the digital age, technology has transformed everyday life, offering unprecedented connectivity and facilities such as online shopping, streaming services and instant communication. However, along with these conveniences, a growing threat has also emerged: cyber attacks. Among these fraudulent practices, A new type of scam, known as typosquatting, is putting the bank accounts of thousands of users around the world at risk.
What is typosquatting?
Typosquatting is a social engineering technique that exploits typing errors when manually typing web addresses.
Cybercriminals record domains that are almost identical to those of popular sites, but with slight alterations, such as added, missing, or replaced letters.
For example, instead of entering “amazon.com,” a user might make a mistake and type “amazom.com.” This small difference could direct you to a malicious site that perfectly imitates the original, with the purpose of stealing sensitive information such as usernames, passwords and credit card details.
How this scam works
Fraudulent websites designed by attackers often carefully replicate the design of authentic pages, including logos and corporate styles. This makes the user does not suspect that he is facing an imitation. Once the person interacts with the site, such as by entering their credentials or financial details, the scammers gain direct access to their personal information.
In addition to harming victims, this type of fraud also harms brands, as it can damage their reputation and generate distrust among their customers.
How to protect yourself from typosquatting?
Prevention is key to avoid falling for this type of scam. Here are some recommendations from cybersecurity experts:
- Carefully review the URLs: Before entering sensitive data on a website, make sure the address is correct. Pay attention to small changes like extra, missing letters, or unusual domains.
- Use bookmarks or search engines: eInstead of manually typing web addresses, save trusted sites as favorites or use them through search engines.
- Avoid links in emails or messages: If you receive a link, especially in unsolicited messages, check its authenticity before clicking.
- Enable additional security measures: Set up two-factor authentication (2FA) on your accounts to add an extra layer of protection.
Common fake domains in typosquatting
- google.co
- google.com
- amazon.com
- facebook.com
- microrosft.com
- google.login.com
These domains are specifically designed to trick users and direct them to malicious sites.
Now that Three Kings Day is approaching and online shopping is skyrocketing, Experts warn that cybercriminals are more active than ever. The main recommendation is to stay alert and always check the URLs before accessing a website. Although a single click may seem harmless, the consequences of falling for this scam can be devastating.