Skip to main content
  1. Home
  2. Computing
  3. News

Microsoft Edge now warns when your typos can lead to being phished

By

Microsoft has detailed its latest effort to protect against various types of fraud that can happen via a method as simple as spelling a website URL incorrectly.

The company has announced as of Monday that it is adding website typo protection to its Microsoft Defender SmartScreen service, to aid against web threats such as “typosquatters.” These types of cybercrime can include phishing, malware, and other scams.

Microsoft Defender SmartScreen helps protect users against websites that engage in phishing and malware campaigns.
Image used with permission by copyright holder

If you happen to have a typo in the website name you’re trying to input, it can send you to an alternate page that hosts “advertising sites, affiliate links, false products, fake search engine results, or in some cases by redirecting users into parked domains reserved for very short-lived phishing campaigns,” Microsoft noted.

Recommended Videos

The new Website typo protection on the Microsoft Defender SmartScreen service combats these typosquatter tactics by alerting you via a warning page when you have misspelled a URL and been directed to a typosquatting site. You will be asked to verify the site address you want to visit before you can continue, the brand added.

Please enable Javascript to view this content

Microsoft has already partnered with the Bing Indexing team in order to identify new typosquatters and their webpages as soon as they pop up to keep the Microsoft Edge browser dynamically updated.

Microsoft is not always known for its preventative measures when it comes to cybersecurity. More commonly, the brand responds in the aftermath of a major exploit.

A recent zero-day vulnerability, CVE-2022-41040, and CVE-2022-41082, that was discovered in Microsoft’s Exchange email servers in early October was not only already exposed to bad actors, but it was also mistaken for a different exploit before it could be identified.

At the time, Microsoft stated it was “working on an accelerated timeline” to address the zero-day vulnerability and create a patch. However, with the exploitation already in the wild, there are ample opportunities for businesses and government entities to be attacked by bad actors. So far, there haven’t been any known attacks using the CVE-2022-41040 or CVE-2022-41082 vulnerabilities.

Editors’ Recommendations

Topics
Fionna Agomuoh
Fionna Agomuoh
Computing Writer
Fionna Agomuoh is a Computing Writer at Digital Trends. She covers a range of topics in the computing space, including…
Microsoft is making a major change to using your iPhone in Windows
The Dell XPS 13 on a table with the Start Menu open.

In a recent Windows Insider Blog post, Microsoft announced it's adding the option for iPhone users to access their phones from the Start menu. Thanks to a special widget next to the Start menu, when you connect your phone, you can see data such as notifications, battery indicators, recent contacts, connection status, and more.

To enjoy this feature, you must use the recent Windows 11 preview build from the Dev and Beta channels, and you must be a Windows Insider. You must also update the Phone Link app to version 1.24121.30.0 or higher, have a Microsoft account, and have a PC that supports Bluetooth LE. Microsoft said it does not support PCs running Pro Education or Education SKUs. Even if this doesn't affect you, the update is rolling out in phases, so reaching your PC might take some time if you don't already have it.

Read more
Microsoft is rolling out Teams phishing protection for all next month
Microsoft said that Teams has received a ground-up redesign, which will “empower customers to navigate the challenges of the evolving modern workplace.”

Microsoft alerted Microsoft 365 admins that the phishing alert features will reach all users by mid-February, as Bleeping Computer reports. The new feature will be enabled by default and alert users when an attack is detected.

However, you can only see the phishing attack alerts if you have external Teams access, a feature that allows users in your organization to talk to others who are not part of your organization. Even though the rollout started in mid-November, it has not reached all users, but Microsoft hopes to achieve that goal by mid-February. Microsoft also advises users to familiarize themselves with the new high-risk Accept/Block screen.

Read more
Microsoft Edge just got a secret weapon against scareware
Microsoft Defender and Edge Security settings are open on a PC monitor.

Microsoft announced its new scareware blocker at the 2024 Ignite conference a few months ago and now it's ready for users to try out. This preview is open to everyone who uses Edge; you just need to make sure you have previews enabled and that your browser is up to date.

Everyone knows about malware nowadays, which means people can get anxious very quickly if they have reason to think their PC has been infected. Scareware scams take advantage of this, using underhanded tactics to make users feel like they're not in control of their PCs and need to call the "tech support" number provided onscreen. The scammer then gains access to the computer by guiding the user over the phone.

Read more