Scam Alert: Watch out for typos when searching for websites

Website image credit: Cyble.com

Typos are a part of life with technology, it’s why auto-correct was invented! And while they’re common for you or I to make any given day, scammers are taking advantage of this in a major way.

Have you ever heard of typosquatting? It’s also known as URL hijacking. We’ll explain how a simple misspelling of a word or brand or a slip of the finger on your keyboard can lead to harmful malware being installed on your device like it was for many victims attempting to find 27 apps, companies, and websites, many of which you’ve heard of.

 

“Typosquatting” campaign is targeting customers of these 27 brands

What is typosquatting?

Criminals know how common it is to make a mistake while typing, and they are actually banking on the fact that it’ll happen to any one of us. Typosquatting is a method where a hacker purchases a URL that is similar to a real URL, and makes the fake site look like a clone of the real one. They want the fake websites and URLs to look real so you don’t realize you’re not interacting with an actual website, logging into your account, and handing over your information to the scammers on the other end.

As an example, if you wanted to go to paypal.com, but may have accidentally mistyped the spelling of paypal.com, it’s possible you will arrive at a fake website that seems real, but isn’t.

 

New typosquatting campaign

This ongoing campaign is targeting Windows computers with malware known as ERMAC, identified by Cyble Research & Intelligence Labs, which is an Android Banking Trojan. ERMAC steals bank account and crypto wallet information from over 400+ apps.

Now scammers are using typosquatting techniques targeting 27 popular brands and websites using over 200 fake domain URLs to trick victims into visiting fake websites that will steal information and install ERMAC malware.

Some of the most well-known apps that are being impersonated via these fake URLs are:

  • TikTok
  • Vidmate
  • SnapChat
  • Paypal
  • Google Wallet

See below for the full list of names of apps, software, cryptocurrency wallets, and websites being impersonated.

APPS

  • TikTok
  • Vidmate
  • SnapChat
  • Paypal
  • APK Pure
  • APKCombo
  • Google Wallet

SOFTWARE

  • Microsoft Visual Studio
  • Brave Browser
  • ThunderBird
  • Notepad+
  • Tor Browser

CRYPTOCURRENCY

  • TronLink
  • MetaMask
  • Phantom
  • Cosmos Wallet
  • Mintable
  • Ethermine
  • GenoPets

CRYPTO AND STOCK TRADING

  • Trading View
  • IQ Option
  • NinjaTrader
  • Tiger.Trade

WEBSITES

  • Figma
  • Quatro Casinos
  • Big Time
  • CS:Money

 

How to not fall for a typosquatting campaign

1) Use a search engine

If you use a search engine to find any website you’re looking for if you don’t have it bookmarked, you’re less likely to end up on a fake dupe for the site because of a typo. Even if you misspell the company name or app that you’re typing, the search engine is more likely to correct it and bring you to a safe and real website. Click here for more on why you should switch to a secure search engine.

 

2) Double-check spelling and URLs for every website you visit

You may have just typed an extra letter somewhere in a URL, but double-checking that you wrote “Facebook” and not “Facebook” may be the difference between your devices getting hacked or not. Also if you do opt to type in a URL and not look up a site through a search engine, double-check that the URL is correct after you get to the website. These hackers have bought URLs that are based on misspellings, but once the fake website loads, you may notice that the URL looks a little fishy.

 

3) Use an Antivirus software

Our top recommendation, a premium TotalAV subscription includes real-time anti-malware protection and advanced AI-driven cloud protection, which keeps your computers protected against the latest zero-day threats. Should malicious behavior be detected on PC, Mac, Android, and iOS devices, TotalAV interjects and stops the process as well as quarantines the files that are about to cause problems.  This process works silently in the background, having minimal impact on system resources.

Special CyberGuy limited-time deal: $19 your first year (80% off)

 

 

 

 

Copyright 2023 CyberGuy.com.  All rights reserved.  CyberGuy.com articles and content may contain affiliate links that earn a commission when purchases are made.

Related posts

Understanding brushing scams and how to protect yourself

From TikTok to trouble: How your online data can be weaponized against you

Massive data breach at federal credit union exposes 240,000 members