Typosquatting/URL Hijacking Explained: How to Protect Yourself

You need to be cautious whereas typing a web site deal with in your browser deal with bar. It’s because mistyping the URL of your meant web site can lead you to a typosquatting web site that appears much like the unique one. 

And your go to to a typosquatting web site can profit a risk actor in a number of methods, together with finishing up advert frauds, stealing delicate data, putting in malware, and far more.

However what’s typosquatting or URL hijacking precisely, how can hackers weaponize it, and how will you keep away from typosquatting?

What Is Typosquatting?

Typosquatting is an act of registering a misspelled area title of a professional web site with the target of receiving visitors to the pretend web site.

Also called URL hijacking or area mimicry, typosquatting is a kind of social engineering method hackers make use of to focus on customers who occur to sort misspelled URLs of recognized web sites within the deal with bars of internet browsers. In consequence, customers attain typosquatting web sites arrange by risk actors and share delicate data or set up malware inadvertently.

How Does Typosquatting Work?

A hacker registers a misspelled area title of a legit web site and designs it to feel and appear like the unique web site. They could use the identical theme, shade, or typography as the unique web site does to make customers consider they’re on the meant web site after they go to the typosquatting web site.

For instance, a hacker can register exemple.com or exampl.com to focus on web customers of instance.com.

If you incorrectly sort the URL (exemple.com or exampl.com) of your meant web site within the deal with bar of your internet browser, you can be led to the pretend website arrange by the hacker as an alternative of the unique web site.


The appear and feel of the typosquatting web site stands out as the identical as the unique web site. So that you won’t discover that you’re on a pretend web site.

Because the hacker controls the pretend web site you might be on, your go to to the typosquatting website can lead to extreme penalties that embody however should not restricted to the next:

  • The hacker can put pretend presents/low cost coupons on the typosquatting web site. And clicking on such coupons can set up malware in your system.
  • You is usually a sufferer of a drive-by-download assault that may set up malicious software program in your system with out your consent to hijack your system, spy on you, or encrypt/delete information in your system.
  • For those who submit bank card data, the hacker can steal your card particulars and perform varied monetary frauds, robbing you of your hard-earned cash.
  • You’ll be able to unknowingly share login credentials of your cloud information backup with the hacker in case you occur to go to their typosquatting web site that’s much like your cloud storage supplier. After which, the hacker can steal your confidential information.

Visiting a typosquatting web site also can set up a Keylogger in your system, sending your keystrokes and random screenshots of your system to the hacker. In consequence, the hacker can know every thing you do in your PC, together with your passwords, delicate data, and different confidential information.

For those who run a enterprise or firm, typosquatting web sites can harm your model/status as a result of visits to those pretend websites can lead to profound safety implications that create a damaging notion of your model.

Additionally, typosquatting web sites steal your visitors, which suggests a lack of income.

Kinds of Typosquatting

A pretend URL resembling a legit URL can use one of many following techniques:

1. Utilizing the Flawed Spelling

All of us make spelling errors, and hackers capitalize on this by registering domains with the improper spellings of recognized manufacturers and hoping that web customers will go to pretend web sites—for instance, faceebook.com or facbook.com.

2. Including “WWW” to the URL

Hackers additionally add “www” to the URLs of common web sites to register typosquatting web sites. For instance, wwwfacebook.com. Did you discover the absence of a dot between www and fb.com?

3. Utilizing Flawed Area Extension

Hackers can use the improper area extension to create a typosquatting web site—for instance, www.fb.cm.

4. Utilizing Combosquatting

Hackers additionally add or take away a hyphen in a website title to redirect customers to a pretend website. For instance, face-book.com.

5. Including or Eradicating a Dot

Including or eradicating a dot from a recognized model is one other means hackers create a pretend URL for a malicious web site. For instance, face.guide.com.

6. Supplementing Standard Manufacturers

Hackers additionally complement common model names with applicable phrases to create pretend URLs of malicious websites. For instance, apple-shop.com.

Why do Hackers Make use of Typosquatting or URL Hijacking?

A Hacker Sitting In-Front of a System

The next are key the reason why risk actors are motivated to register typosquatted domains of professional domains.

1. Redirecting Visitors to a Competitor

A typosquatter might redirect visitors to a competitor of the particular web site and cost the competitor on a pay-per-click foundation.

For instance, you run an e-commerce web site named GreenTeaShop.com, providing varied varieties of inexperienced tea on-line. A typosquatter can create a pretend web site GrenTeaShop.com and redirect it to your competitor.

When customers sort GrenTeaShop.com as an alternative of the proper URL of your web site, they are going to attain your competitor. And the typosquatter will obtain cash out of your competitor for redirecting clients to their web site.

2. Producing Promoting Income

Suppose a pretend website will get visitors from a search engine because of the reputation of the unique model proprietor. In that case, the typosquatter might begin serving web site guests adverts to generate promoting income.

As an illustration, you run a massively common website- teenhobby.com and hundreds of individuals go to your web site month-to-month. And plenty of of your guests might incorrectly sort teenhoby.com as an alternative of the proper title.

By making a typosquatting web site with the title teenhoby.com, a typosquatter might obtain a whole bunch of hits every month just because customers mistyped the spelling. After which, they’ll begin incomes advert income by taking part in any promoting program like Google Advertisements.

3. Phishing and Knowledge Stealing

One widespread purpose risk actors register domains with the improper spellings is to hold out phishing assaults and steal customers’ information, particularly on banking web sites. When customers are on a typosquatted website, a risk actor can current them with a phishing marketing campaign to lure them into sharing delicate data.

A pretend website or sting website also can current customers with on-line surveys and suggestions varieties to steal information. So if you wish to defend your delicate data, watch out for typosquatting web sites.

4. Bait and Change

Menace actors can register misspelled domains to create pretend websites of authentic on-line shops. These pretend web site homeowners obtain customers’ cost data (and cash), however the merchandise are by no means shipped to the purchasers.

For instance, you run a well-known e-commerce retailer named hardcoffee.com. A risk actor can register a typosquatting web site with the area name- hardcofee.com to run a rip-off.

When clients attain hardcofee.com resulting from incorrectly typing your web site deal with, they’ll place orders and make funds. However the typosquatter doesn’t ship the ordered merchandise.

Worse, they’ll promote clients’ card particulars on the darkish internet.

5. Putting in Malware

A Desktop Showing Danger Symbol and Locked Folder to Represent Malware

Some risk actors use typosquatting to create malicious web sites that may trick customers into putting in malware or different dangerous packages on their techniques.

Ransomware, Spy ware, and RAT are widespread malware packages risk actors can set up utilizing a typosquatting web site.

6. Promoting Area Names

Generally, risk actors register misspelled domains hoping that authentic web site homeowners will purchase these typosquatting domains.

As an illustration, you run a preferred web site named indoorgames.com. A risk actor might create a web site—indorgames.com and call you if you’re enthusiastic about shopping for this typosquatting web site.

Many enterprise homeowners purchase doubtlessly spoofed domains hoping to stop incidents of typosquatting.

7. Affiliate Incomes

A hacker can create a typosquatted web site to ship visitors again to the unique website in order to take part in a model’s professional associates program.

Typosquatting vs. Cybersquatting: What Is the Distinction?

Typosquatting is the method of registering a misspelled area title of a preferred professional firm within the hope that customers will lend to the pretend web site by incorrectly typing the URL of the corporate of their browser deal with bar. Consequently, they are going to attain a pretend web site created by the typosquatter to satisfy varied malicious functions.

However, cybersquatting is to register related domains of real websites with the intent of taking advantage of authentic trademark holders.

For instance, somebody runs ShooFit.com web site, providing high quality sneakers for males, ladies, and kids. After some years, the shoe firm turns into profitable, promoting hundreds of sneakers every day on-line.

A risk actor opens ShooFitStore.com to capitalize on the success of ShooFit.com. The cyber-squatted website can promote inferior high quality sneakers and harm the status of the model or contact the unique model proprietor providing to promote the cybersquatted area for an enormous value.

The right way to Defend From Typosquatting or URL Highjacking

An Image of Lock Placed on the Globe to Represent Protection From Typosquatting

Listed below are tricks to keep protected from typosquatting websites:

  • Keep away from clicking unknown suspicious hyperlinks in emails, social media platforms, and messenger chats.
  • Hover over the hyperlink and take a look at the URL rigorously earlier than clicking it. You may also use a URL scanner to evaluate if the hyperlink is malicious.
  • Use a search engine to search out web sites you wish to go to and take the assistance of a protected search device to filter out malicious and suspicious web sites.
  • Bookmark frequently-visited web sites in your internet browser to keep away from typing web site names in your browser deal with bar.
  • Keep away from clicking on shortened URLs in case you don’t belief the supply.

And if you’re a enterprise proprietor, you must register potential typosquatting domains and redirect these typo domains to your important website. Doing so will forestall webpage guests from inadvertently reaching typosquatted web sites.

Additionally, you must trademark your area title. This can allow you to take authorized motion towards those that purposely create typosquatting web sites much like your real web site.

Take into account signing up for ICANN’s (the Web Company for Assigned Names and Numbers) “trademark clearinghouse” to understand how your trademark is getting used on-line. If somebody tries registering a website title that infringes your trademark, it’s going to notify you.

The right way to Spot a Typosquatting Web site


The next ideas will aid you determine a typosquatting web site:

  • Typosquatters register domains much like the professional web site however with a slight spelling error. So you must verify the spelling of the web site area title rigorously to make sure you go to a legit website, not a pretend one.
  • Some typo-squatted domains embody particular characters similar to dashes or dots within the domains.
  • Examine the URL within the deal with bar to see whether or not it matches the unique website.
  • Take a look at the design and really feel of the web site. A typosquatted web site tends to have poorly written content material and low-quality movies and pictures.

What to Do if Your Enterprise/Web site Is a Sufferer of Typosquatting?

For those who suspect that risk actors have created typosquatting web sites to focus on customers of your small business web sites, the next is how one can take care of it.

Discover Typosquatting Domains

You’ll be able to simply discover doubtlessly spoofed domains by utilizing a third-party device like dnstwist.it, which is free. It can aid you detect typosquatting, model impersonation, and homograph phishing assaults. 

Sort the URL of your web site and click on on the Scan button. You’ll get a listing of domains which are much like your web site. Examine these domains rigorously to determine typosquatting web sites.

A Screenshot of Dnstwist Showing Typosquatting Domain

Plan Reactive Actions to Fight Typosquatting

Upon getting made a listing of typosquatting domains, attain out to those area homeowners and inform them that you’ll take authorized motion towards them.

The US has the “Anticybersquatting Shopper Safety Act” (ACPA) that provides many authorized choices to fight typosquatting. You have to rent an legal professional or lawyer in case you determine to pursue your reactive motion beneath ACPA.

You may also take the assistance of the Uniform Area-Title Dispute-Decision Coverage (UDRP) enforced by the Web Company for Assigned Names and Numbers (ICANN) to take management of typosquatting domains.

Ultimate Phrases: Defend Your self From Typosquatting

Typosquatting or URL hijacking poses a extreme risk to web customers. In case you are not cautious, clicking on a typosquatted area can obtain malicious software program to your PC, inflicting irreparable harm. 

And in case you run a enterprise, a typosquatted area proprietor can divert your potential clients to your rivals. Additionally, a typosquatter might create a rip-off website, using on the recognition of your real website.

So, defending your self from typosquatting ought to be your precedence whether or not you run a enterprise or are merely an web person.

Rate this post
Leave a Comment