Mistyping a website address can potentially lead you to getting a virus! How? By buying up the domain names of major websites with mistakes in the name, criminals then make these websites look just like the site you were meant to go to. For example, yousendit.com is legitimate, while yousendit.co is blocked by some web filters as malicious. Because you think you are at a legitimate website, if a popup appears asking you to update a browser extension or plugin you are more likely to click YES. Remember though that a web button can be made to say NO, YES or Cancel, but still act as a YES. So, you click and agree to install something, and they then pass you on to the actual site leaving you unaware that anything was amiss. The problem has got so bad it is now known as typosquatting and in a test, antivirus firm Sophos found 2249 possible typosquat domains against just six web domains including their own, for Facebook, Google, Twitter, Microsoft, and Apple.
Other fake websites try to get you to login to their fake (but identical looking) version, so you end up giving the criminals your username and password details. This can be somewhat troublesome for you if this happens to be a PayPal or online banking account. More sophisticated versions will actually mirror the real website in real time, so you actually think you are at the real website. But instead of paying your electricity bill, money will be transferred to another dubious account.
The biggest issue you face though is arriving at a criminal’s webpage with an exploit kit and if you are unlucky enough not have the latest patches or updates for the vulnerability that is being targeted, your machine may be infected, and you will be none the wiser. It doesn’t help that the range of internet domain names has been opened up from a small range of .com, .org, .net and country addresses, to a huge list of words. So now you have: .bingo, .video, .college, .fashion, .garden, .poker, .chat, .style, .tennis, .fit, .design and many more. Even missing out letters of a web domain will turn a .com into a .om or .co which are legitimate web domains. So, what can you do to avoid typos, either bookmark all your common websites and select them from the favourites tab or use a mainstream search engine like Google, Bing, Yahoo or DuckDuckGo.
To help, some companies actually register various typos of their web domain themselves to protect you and block the criminals. For example, microdoft.com actually goes to microsoft.com, but microdoft.co.uk doesn’t go anywhere. Unfortunately, there are so many possible combinations depending on how long the web domain is, so the advice is still to either use bookmarks or a mainstream search.
There is also another option used by criminals, which is to purchase web domains that use international characters, rather than the standard A-Z set. An example is the Greek Omicron ο which looks just like a regular o. Can you spot the difference even when magnified up? It’s impossible at the normal font size, but to a computer they are completely different. Standard fonts like Arial have multiple characters for the letter o in Latin, Greek, Cyrillic, Armenian and Hebrew, without any accents or obvious cues that they are international characters. Eg:
Gοοgle, Google or Gօօgle
To help combat this problem a free browser extension was developed for Chrome, Firefox and Opera called "IDN Safe" (https://github.com/AykutCevik/IDN-Safe) which blocks you from visiting websites with internationalized domain names, though this feature is now built into Google Safe Browsing in Chrome.
Here is an example of a phishing email using international characters, can you spot the first letter a in service@påypal.com is actually å, which is quite easy to miss, especially if the email is read on a mobile.
Index or next chapter File Transfer Services