What is Typosquatting?

Have you ever typed a URL you have visited a million times into your browser's address bar and had an unfamiliar page load instead? Or found that the site you meant to visit does not appear at all?


You take a second look and, whoops, a one-character typo: an extra letter here, a missing character there. If you are like me and many others, sometimes you fat-finger the keyboard. It happens.




In a typosquatting attack, an adversary exploits our fat fingers and our brain's autopilot mode by registering domain names that are deliberate misspellings of credible websites: names we could easily mistype in the address bar, or whose difference from the real name we would overlook while surfing the interwebs. For example, when navigating to google.com, we may accidentally type googl.com.






Why Should I Care?

 

The attacker will not only register domains with names similar to credible ones, but will also clone the real site so the lookalike is visually identical. Imagine an attacker registers the domain gnail.com. We want to check our email and accidentally type gnail.com. Since the attacker controls this domain, they can obtain a valid TLS certificate for it from any public CA, which means we would see the lock symbol next to the domain. The padlock only tells us that the connection to gnail.com is encrypted, not that gnail.com is the site we wanted. The only indicator would be that slight spelling difference. Without noticing it, we could hand our gmail.com credentials straight to the attacker.


Typosquatting can also be used to sell fake luxury-brand items. You've been working so much lately that you haven't had time to get your wife something special for Mother's Day. While checking your email, you notice a message about a fantastic sale on the $5,000 Louis Vuitton handbag she has been talking about: "Purchase before Mother's Day and receive 70% off!" You pounce on the opportunity, and a gorgeous handbag arrives just in time for Mother's Day. Your wife is ecstatic and, given how much you could have spent, so is your wallet… until you swipe your credit card for that Monday morning coffee and get declined.


Blinded by the urgency of a late gift and the excitement of the sale, you bought a counterfeit LV bag on https://loisvuitton.com/ (note the missing "u" in "louis"). That steal of a deal turned into an attacker stealing your credit card details.




Business Perspective 

We should also care about our customers and whether they could fall victim to such fraud. When a brand becomes associated with scams, it harms our credibility, product value, and business. We do not want anyone to mimic our site and use it for malicious purposes, so knowing which lookalike names of our own domain are already registered is the first step in defending against it.
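The following script is an added example and not code from the original post. It generates the kinds of lookalike names discussed above (googl.com from google.com by omission, gnail.com from gmail.com by an adjacent-key slip, plus transpositions, doubled letters and swapped TLDs) and then, for the brand-monitoring use case in this section, checks which of them currently resolve in DNS. The keyboard-neighbour table assumes a US QWERTY layout, the TLD list is an arbitrary assumption, and the `find_live_lookalikes` resolver is injectable so the run below uses a constructed, offline stand-in for DNS instead of real lookups.

```python
"""Generate typosquatting candidates for a domain and report which resolve.

Added example written for this page. The permutation classes mirror what
brand-monitoring tools do, but the code is written from scratch here.
"""
import socket

# Keyboard neighbours for fat-finger substitutions (assumption: US QWERTY).
ADJACENT = {
    "q": "wa", "w": "qes", "e": "wrd", "r": "etf", "t": "ryg", "y": "tuh",
    "u": "yij", "i": "uok", "o": "ipl", "p": "ol",
    "a": "qwsz", "s": "awedxz", "d": "serfcx", "f": "drtgvc", "g": "ftyhbv",
    "h": "gyujnb", "j": "huikmn", "k": "jiolm", "l": "kop",
    "z": "asx", "x": "zsdc", "c": "xdfv", "v": "cfgb", "b": "vghn",
    "n": "bhjm", "m": "njk",
}
# TLDs to try instead of the real one (assumption: a small illustrative list).
ALT_TLDS = ("com", "net", "org", "co", "cm", "om")


def typo_candidates(domain: str) -> set:
    """Return lookalike domains an attacker might register for `domain`.

    Only the last label is treated as the TLD, so "google.co.uk" would be
    handled as name "google.co" with TLD "uk" (good enough for this demo).
    """
    name, tld = domain.lower().rsplit(".", 1)
    n = len(name)
    labels = set()
    # Omission: one character dropped (google -> googl).
    for i in range(n):
        labels.add(name[:i] + name[i + 1:])
    # Transposition: two neighbouring characters swapped (google -> gogole).
    for i in range(n - 1):
        labels.add(name[:i] + name[i + 1] + name[i] + name[i + 2:])
    # Repetition: one character doubled (google -> gooogle).
    for i in range(n):
        labels.add(name[:i + 1] + name[i] + name[i + 1:])
    # Adjacent-key substitution (gmail -> gnail) and insertion (gmail -> gmnail).
    for i, ch in enumerate(name):
        for neighbour in ADJACENT.get(ch, ""):
            labels.add(name[:i] + neighbour + name[i + 1:])
            labels.add(name[:i + 1] + neighbour + name[i + 1:])
    candidates = {f"{lbl}.{tld}" for lbl in labels if lbl and lbl != name}
    # TLD swap: same label under a different or truncated TLD (google.cm).
    candidates |= {f"{name}.{alt}" for alt in ALT_TLDS if alt != tld}
    return candidates


def resolves(domain: str) -> bool:
    """True if the name has an address record right now (needs network)."""
    try:
        socket.getaddrinfo(domain, None)
        return True
    except socket.gaierror:
        return False


def find_live_lookalikes(domain: str, resolver=resolves) -> list:
    """Sorted candidates for `domain` that `resolver` reports as live.

    Pass a different callable (e.g. a set's __contains__) to run offline
    against a known list of registered names.
    """
    return sorted(c for c in typo_candidates(domain) if resolver(c))


if __name__ == "__main__":
    # Constructed stand-in for DNS: pretend these three names are registered.
    fake_zone = {"googl.com", "gnail.com", "google.cm"}
    for target in ("google.com", "gmail.com"):
        live = find_live_lookalikes(target, fake_zone.__contains__)
        print(f"{target}: {len(typo_candidates(target))} candidates, "
              f"live lookalikes: {live}")
```

Running it with the built-in `resolves` instead of the constructed zone turns this into a small monitoring job for your own brand: any candidate that suddenly starts resolving is worth a look in certificate transparency logs and a takedown request.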
