skip to main content

We Want To Hear From You!

Please take a few moments to complete our survey.

View Survey   Close

CBWY Blog

How Typosquatting Hacks Can Target Your Company

How Typosquatting Hacks Can Target Your Company

Typosquatting is perhaps the least sophisticated form of domain name hacking. It relies on user error, specifically the odds of a user mistyping a URL address into their web browser. Hacker register a misspelled version of a well-known domain name, such as “gooogle.com” or “gooogl.com” rather than google.com. (Important: do not visit either “gooogle.com” or “gooogl.com”. They are dangerous).

Once a would-be victim has accidentally connected to a typosquatted domain, hackers can deploy any number of exploits. They will often create a copy of their targeted website but replace the most clicked links to malware, or they might prompt a user to enter their login and password for the “real” site and deploy those credentials in credential stuffing attacks on other websites or networks (a technique called “pharming”). Another strategy might involve the installation of a malicious browser extension or phony security software, both granting hackers unfettered access to their target’s devices.

One of the more famous examples of typosquatting in recent years involved Reddit.com, one the world’s most trafficked websites. 

A hacker acquired the domain name “reddit.co” and created a facsimile of the Reddit site. The goal was to pharm user credentials. The domain name was identical to Reddit except it was designed to identify sites registered in the nation of Colombia. The sole difference--a .co suffix, rather than .com, which is reserved for commercial websites was easily disregarded as one of the vagaries of the mysterious world wide web.  

The hacker behind reddit.co also acquired an SSL domain certificate for the facsimile site, which meant the site displayed a green padlock secure symbol on most major web browsers (that is, until it was discovered by security researchers and marked as a fraudulent site). 

“[T]his is an effective scam,” said cybersecurity expert Azeem Aleem of the Reddit hack. “They’ve put in the time and effort to create a remarkably realistic website that even shows a secure SSL certificate in your browser window. It is well designed, well executed, and it highlights the very real danger of modern spoofing attacks... what’s more worrying is what this stolen data will be used for, as stolen credentials are used to breach the victim’s other accounts, and carry out sophisticated phishing attacks on friends, colleagues, and family.”

By Travis Taylor

Theme picker

There is a Difference.
Commerce Bank of Wyoming is committed to website compliance with the Americans with Disabilities Act.
We strive to make our site useful and accessible to everyone. If you have questions or comments regarding the website please contact us.
copyright © 2004-2020 Commerce Bank of Wyoming. All rights reserved. / sitemap / Admin Login
top
^