Skip to main content

Microsoft Edge now warns when your typos can lead to being phished

Microsoft has detailed its latest effort to protect against various types of fraud that can happen via a method as simple as spelling a website URL incorrectly.

The company has announced as of Monday that it is adding website typo protection to its Microsoft Defender SmartScreen service, to aid against web threats such as “typosquatters.” These types of cybercrime can include phishing, malware, and other scams.

Microsoft Defender SmartScreen helps protect users against websites that engage in phishing and malware campaigns.
Image used with permission by copyright holder

If you happen to have a typo in the website name you’re trying to input, it can send you to an alternate page that hosts “advertising sites, affiliate links, false products, fake search engine results, or in some cases by redirecting users into parked domains reserved for very short-lived phishing campaigns,” Microsoft noted.

The new Website typo protection on the Microsoft Defender SmartScreen service combats these typosquatter tactics by alerting you via a warning page when you have misspelled a URL and been directed to a typosquatting site. You will be asked to verify the site address you want to visit before you can continue, the brand added.

Microsoft has already partnered with the Bing Indexing team in order to identify new typosquatters and their webpages as soon as they pop up to keep the Microsoft Edge browser dynamically updated.

Microsoft is not always known for its preventative measures when it comes to cybersecurity. More commonly, the brand responds in the aftermath of a major exploit.

A recent zero-day vulnerability, CVE-2022-41040, and CVE-2022-41082, that was discovered in Microsoft’s Exchange email servers in early October was not only already exposed to bad actors, but it was also mistaken for a different exploit before it could be identified.

At the time, Microsoft stated it was “working on an accelerated timeline” to address the zero-day vulnerability and create a patch. However, with the exploitation already in the wild, there are ample opportunities for businesses and government entities to be attacked by bad actors. So far, there haven’t been any known attacks using the CVE-2022-41040 or CVE-2022-41082 vulnerabilities.

Editors' Recommendations

Fionna Agomuoh
Fionna Agomuoh is a technology journalist with over a decade of experience writing about various consumer electronics topics…
Chinese hackers targeting critical U.S. infrastructure, Microsoft warns
chinese hackers caught targeting vital us infrastructure china flags

State-sponsored hackers based in China have been working to compromise critical infrastructure in the U.S., Microsoft said on Wednesday. It’s thought the attacks could lead to the disruption of important communications between the U.S. and its interests in Asia during future crises.

Notable target sites include Guam, a small island in the Pacific with an important U.S. army base that could play an important role in any clash with China over Taiwan.

Read more
You can now try out avatars and virtual spaces in Microsoft Teams
microsoft brings mesh to teams as gateway metaverse for grid

Microsoft has announced the rollout of several anticipated features for Teams, including avatar support and immersive spaces.

The company is showcasing the new features during its annual Build developer conference, which is currently taking place from May 23 through May 25.

Read more
Microsoft just gave you a new way to stay safe from viruses
A dark mystery hand typing on a laptop computer at night.

Microsoft has just taken a vital step towards better protecting your devices from malware, and it’s one that could stop viruses dead in their tracks. Interestingly, though, the Redmond giant seems to have made no mention of the change, despite its significance.

The new policy might sound minor on the surface: Microsoft’s SharePoint cloud storage service can apparently now scan files that are encrypted or password-protected. Previously, this wasn’t thought to be possible.

Read more