Skip to main content
  1. Home
  2. Computing
  3. News

Typos can get you hacked in latest cybersecurity threat

Add as a preferred source on Google

Even a simple and common error like mistyping a domain name can lead to cybersecurity attacks, the latest in the ongoing barrage of malware. Known as URL hijacking or “typosquatting,” this social engineering technique is built upon the knowledge that it’s easy to hit the incorrect key and end up visiting the wrong website.

With very little effort, a hacker can copy images, fonts, and text to construct a malware website that looks like PayPal, Google Wallet, Microsoft Visual Studio, MetaMask, and other popular websites. These fake websites are also used in phishing campaigns of all sorts since the similarity of the domain name is useful for a whole variety of confidence stings.

Recommended Videos

URL hijacking and phishing campaigns aren’t new, but there has been a recent increase in them. Bleeping Computer, with a little help from the security firm Cyble, discovered over 200 domains that impersonated popular websites for Android and Windows apps, cryptocurrency and stock trading, as well as subscription services apps.

The goal of fake websites for apps would be stealing credentials and infecting your computer or phone with viruses. Any website that involves subscriptions or payments would have the more direct approach of taking your money or cryptocurrency.

A common technique with URL hijacking is to add or change one letter. Bleeping Computer gave an example of a trustworthy website for the popular Windows text editor, notepad-plus-plus.org. A malware website exists that simply adds the letter S to the end of “notepad” to create the deceptive domain name.

Here's an example of a fake website that looks real, Notepad-Plus-Plus.
Image used with permission by copyright holder

Major browsers include a degree of protection, identifying some fake websites while missing others. To protect yourself, have a close look at the domain name shown in the website address box or do an internet search for the website, app, or service you want to visit. You can’t trust that you’re at an authentic website based on appearance alone.

Alan Truly
Alan Truly is a Writer at Digital Trends, covering computers, laptops, hardware, software, and accessories that stand out as…
South Korea wants to give every citizen free, unlimited access to its own AI chatbot
The government-backed service could turn generative AI into public infrastructure instead of another monthly subscription
Electronics, Mobile Phone, Phone

South Korea wants to give every citizen free access to an AI chatbot with no usage limits. That puts the technology closer to a public utility than another premium service demanding a monthly subscription.

The Ministry of Science and ICT announced the AI for Everyone project on July 13. Private companies will build the platform around locally developed models, while a separate AI agent will help people navigate government services. It’s a more practical job than generating emails or settling arguments nobody wanted to research themselves.

Read more
Falling in love with a chatbot is now off limits for kids in China
The crackdown targets emotional AI relationships as regulators worry about the country's record low birthrate.
Replika AI companion app on an iPhone in hand

Ever since AI chatbots arrived on the scene, there has been one aspect that has worried lawmakers and experts a lot: humans forming emotional connections with chatbots. There have been plenty of cases where over-reliance on these AI companions or partners has resulted in medical emergencies, lost lives, and triggered multiple lawsuits against the likes of OpenAI and Meta.

China cracks down on AI companion apps

Read more
Russian hackers keep finding their way into critical networks through neglected routers
A multinational warning says outdated firmware, weak passwords, and insecure settings are giving state-backed attackers an easy opening
A Wi-Fi router next to a laptop.

Russian state-backed hackers have spent more than a decade exploiting a stubborn weakness in critical infrastructure networks. Organizations are still leaving poorly configured and outdated routers exposed to the internet.

In a joint cybersecurity advisory, the NSA, CISA, FBI, and international partners warn that hackers linked to Center 16 of Russia’s Federal Security Service are continuing to target vulnerable networking equipment. Energy, healthcare, and government networks are among the sectors facing the highest risk.

Read more