Typosquatting / URL Hijacking
Typosquatting, a.k.a. URL Hijacking is a social engineering method that uses misspelt domains for various malicious or illegal activities. In this kind of attack, the threat actors generate a sting or a fake site that impersonates a legitimate domain and the generated fake site is used for malicious purposes.
These threat actors register these malicious and fake domains, similar to legitimate ones, but contains typographical errors in the hope of fooling their victims. These fake websites/domains can steal user credentials, PIIs (Personally Identifiable Informations) such as full name, SSN (Social Security Number), address, credit card informations, etc.
Examples
A legitimate domain will be dogfood.com and a fake domain one will look like dogfud.com or dofgood.com
What are the variations used in Typosquatting Attacks?
There are plenty of ways that scammers/hackers can try to trick us into clicking on a domain they own.
How to Avoid Typosquatting Attacks?
The Typosquatting attacks can only be avoided or prevented by becoming consious about this attack.
In simple terms, a typosquatted website is a form of domain spoofing that aims to create a domain that looks similar and legitimate to an existing site.
