Scam Alert: Watch out for typos when searching for websites

Scam Alert: Watch out for typos when searching for websites

Typosquatting is the latest cyber scam and hackers are hoping you'll misspell one of these popular brands including PayPal, TikTok, and more

by Nora Hogan and Kurt Knutsson
Website image credit:

Typos are a part of life with technology, it’s why auto-correct was invented! And while they’re common for you or I to make any given day, scammers are taking advantage of this in a major way.

Have you ever heard of typosquatting? It’s also known as URL hijacking. We’ll explain how a simple misspelling of a word or brand or a slip of the finger on your keyboard can lead to harmful malware being installed on your device like it was for many victims attempting to find 27 apps, companies, and websites, many of which you’ve heard of.


“Typosquatting” campaign is targeting customers of these 27 brands

What is typosquatting?

Criminals know how common it is to make a mistake while typing, and they are actually banking on the fact that it’ll happen to any one of us. Typosquatting is a method where a hacker purchases a URL that is similar to a real URL, and makes the fake site look like a clone of the real one. They want the fake websites and URLs to look real so you don’t realize you’re not interacting with an actual website, logging into your account, and handing over your information to the scammers on the other end.

As an example, if you wanted to go to, but may have accidentally mistyped the spelling of, it’s possible you will arrive at a fake website that seems real, but isn’t.


New typosquatting campaign

This latest campaign is targeting Windows computers with malware known as ERMAC, identified by Cyble Research & Intelligence Labs, which is an Android Banking Trojan. ERMAC steals bank account and crypto wallet information from over 400+ apps.

Now scammers are using typosquatting techniques targeting 27 popular brands and websites using over 200 fake domain URLs to trick victims into visiting fake websites that will steal information and install ERMAC malware.

Some of the most well-known apps that are being impersonated via these fake URLs are:

  • TikTok
  • Vidmate
  • SnapChat
  • Paypal
  • Google Wallet

See below for the full list of names of apps, software, cryptocurrency wallets, and websites being impersonated.


  • TikTok
  • Vidmate
  • SnapChat
  • Paypal
  • APK Pure
  • APKCombo
  • Google Wallet


  • Microsoft Visual Studio
  • Brave Browser
  • ThunderBird
  • Notepad+
  • Tor Browser


  • TronLink
  • MetaMask
  • Phantom
  • Cosmos Wallet
  • Mintable
  • Ethermine
  • GenoPets


  • Trading View
  • IQ Option
  • NinjaTrader
  • Tiger.Trade


  • Figma
  • Quatro Casinos
  • Big Time
  • CS:Money


How to not fall for a typosquatting campaign

1) Use a search engine

If you use a search engine to find any website you’re looking for if you don’t have it bookmarked, you’re less likely to end up on a fake dupe for the site because of a typo. Even if you misspell the company name or app that you’re typing, the search engine is more likely to correct it and bring you to a safe and real website. Click here for more on why you should switch to a secure search engine.


2) Double-check spelling and URLs for every website you visit

You may have just typed an extra letter somewhere in a URL, but double-checking that you wrote “Facebook” and not “Facebook” may be the difference between your devices getting hacked or not. Also if you do opt to type in a URL and not look up a site through a search engine, double-check that the URL is correct after you get to the website. These hackers have bought URLs that are based on misspellings, but once the fake website loads, you may notice that the URL looks a little fishy.


3) Use an Antivirus software

Our top recommendation, a premium TotalAV subscription includes real-time anti-malware protection and advanced AI-driven cloud protection, which keeps your computers protected against the latest zero-day threats. Should malicious behavior be detected on PC, Mac, Android, and iOS devices, TotalAV interjects and stops the process as well as quarantines the files that are about to cause problems.  This process works silently in the background, having minimal impact on system resources.

Special CyberGuy limited-time deal: $19 your first year (80% off)



Related Articles

Subscribe to receive my latest Tech news, tips & tricks, and deals newsletter. (We won't spam or share your email with anyone else.)

By signing up, you agree to our Terms of Service and Privacy Policy. You may unsubscribe at any time.

Tips to avoid our newsletters going to your junk folder