Cyberattacks are always evolving. Given our current reliance on remote work due to COVID-19, cyberattacks are more prevalent than ever. With all these crazy hacks happening lately, it can be easy to overlook the basic tricks. The most common one is called typosquatting.
What is Typosquatting?
Adam Levin perfectly describes what typosquatting is: “Typosquatting is when third parties buy variants of domain names based on simple and common spelling errors, e.g. ‘gooogle.com’, or ‘gooogl.com’ instead of Google.com.”
Typing errors like these are common mistakes that can happen simply when someone is typing too fast and hits enter before they check what they typed. This can lead to disastrous consequences.
One study of 15,000 domain names shows that about 2.7% of them redirected users to websites associated with cybercrime. These addresses can only be one letter off and yet they bring you to a whole different site. Sometimes you may not even notice the difference.
Cyber criminals buy these websites that are similar on purpose to create traps for unsuspected users who are trying to get to the actual domain. When people get redirected to different websites other than the ones they wanted, this can cause some problems for your company. As well as affecting your company, this type of problem can also affect those of you at home on your personal devices. If people aren’t careful enough, something like this could happen anywhere.
Theses websites aren’t necessarily a direct attack against a specific company. Instead, the motives of the attackers can vary: some want to steal information while other want to hurt reputations by redirecting customers to sites filled with ads or malicious content.
It may seem hard to keep track of all the different threats that are out there. Add a pandemic on top of all that and you might want to be a little more cautious with your typing. These hackers know that people are vulnerable during times like these, but that doesn’t stop them from planning malicious attacks. One example of these hackers using COVID-19 to their advantage is through the domain name Whitehouse.org instead of the real Whitehouse.gov. This is especially hazardous because people are looking to this website for information on COVID-19 but instead are falling victim to these cybercrimes. Even just a single missing letter can lead you to a completely different site, providing hackers with the opportunity to take hold of your data.
For theses hackers, buying domain names is what they do. And on top of that, it is fairly simple to buy a new domain name. A popular way to buy and create a website is through GoDaddy. From here you type in the domain name you want to register and then you create an account and pay a low fee for each year you have the domain set up. Pretty easy, right? right?
Avoiding the Trap
If you are unfortunate enough to find yourself on one of these phony sites, make sure you don’t enter any credentials or account information because the hackers will steal it and use it to their advantage. If you use the same passwords for all your accounts, then you may be in even deeper trouble. And if you don’t use two-factor authentication, then this can lead to a large-scale attack on your personal and work accounts.
But how do you tell from a quick glance that it is the wrong domain? That can be a tricky one to figure out, especially if the website appears valid because they have verified credentials. That just means they have the little lock icon next to the domain name in the browser bar.
So, if it looks legit and has the lock icon, then what? NBC’s Herb Weisbaum explains that your best bet would be to bookmark the correct web address, eliminating any chance of typos. It also creates a fast and efficient way to get to your favorite websites. Another way to avoid disaster is to type what you are looking for into a search engine; that way, you will only get the website you are looking for because search engines won’t list the imposter websites. Social media links are also something to look out for since they don’t have to be legitimate for people to share them. Someone could post a fake link on purpose just to get you to click it.
And if you need a last resort, get in the habit of double–checking what you type before hitting enter. This is a fool-proof way to make sure you don’t fall into any sneaky traps.
But if this does happen to you, don’t worry. You are not alone. Matthew Chambers, a security expert in Atlanta, reported that domains in one typosquatting network were visited around 12 million times in just the first three months of 2018.
What Can Businesses Do?
Businesses need to consider a proactive approach to this problem. The best solution is to buy all the similar or related domain names that they can and make sure they redirect to their actual website. It is hard to obtain every single variation, so it is important to just buy the most obvious ones. Going back to GoDaddy, they offer domain names for just .99 cents. Seems almost too easy, no?
Another way to combat this problem is with trainings for your employees. Trainings may include just making your employees aware of the fact this can happen and can cause some serious damage. Teach them how to identify a bad site and to double–check their typing. But whatever you decide to do, don’t ignore this problem.
MSPs are a good option when it comes to keeping your business safe from cyberattacks. MSPs have the expertise to help you avoid these damaging attacks, helping you keep your reputation intact.