In a digital world, the possibilities are endless. No, really, they are. When you buy a website, would you expect someone to abuse it? Most of us want to believe the world is good and for the most part, it is. However, a few bad eggs ruin things and thankfully a modern risk can be mitigated for about $1 USD a month.
The Problem
Typo-squatting or typo-spoofing is a trick that cyber criminals will use to get victims to visit their website or reply to emails. Bad actors do this by purchasing a website name (or domain name) that is similar. Often times, its purposefully misspelled, has an extra letter, or uses numbers in place of certain letters. Let’s look at a few examples:
- “gooogle.com” instead of “google.com” – notice the extra “o”
- “rnicrosoft.com” instead of “microsoft.com” – notice the use of “r” and “n” next to one another which looks like an “m”
- “yahoos.com” instead of “yahoo.com” – notice the “s” added on the end
- “ver1z0n.com” instead of “verizon.com” – notice the “1” and “0” in place of the “i” and “o”
The Solution
All of the examples listed above are common problems businesses face with cyber criminals. Typos are used blindside internet users with scams, fraudulent emails, or fake web login pages. The next time you receive an email relating to money, double check the domain name, which is listed after the senders username. (Ex. [email protected]) Additionally, any links in emails could be modified to send you to a similar typo-squatting or typo-spoofed domain name to trick you into entering login credentials. Be sure to hover over the links to view where the link is actually taking you, which can differ from what is written in the link text. (Ex. www.onepageawareness.com – don’t worry we own the domain that you were forwarded too in this case.) Learn more about how to spot scam emails here.
Lastly, businesses should look into purchasing alternative spellings to their domain names. This isn’t always feasible as some may have tens of alternatives, but the main ones should be purchased from a domain registrar (such as GoDaddy, Bluehost, or Namecheap). Most domains cost between $10-$15 USD a year. We’d consider that a worthy investment to protect your business from fraud.