Skip to main content

Typos can get you hacked in latest cybersecurity threat

Even a simple and common error like mistyping a domain name can lead to cybersecurity attacks, the latest in the ongoing barrage of malware. Known as URL hijacking or “typosquatting,” this social engineering technique is built upon the knowledge that it’s easy to hit the incorrect key and end up visiting the wrong website.

With very little effort, a hacker can copy images, fonts, and text to construct a malware website that looks like PayPal, Google Wallet, Microsoft Visual Studio, MetaMask, and other popular websites. These fake websites are also used in phishing campaigns of all sorts since the similarity of the domain name is useful for a whole variety of confidence stings.

URL hijacking and phishing campaigns aren’t new, but there has been a recent increase in them. Bleeping Computer, with a little help from the security firm Cyble, discovered over 200 domains that impersonated popular websites for Android and Windows apps, cryptocurrency and stock trading, as well as subscription services apps.

The goal of fake websites for apps would be stealing credentials and infecting your computer or phone with viruses. Any website that involves subscriptions or payments would have the more direct approach of taking your money or cryptocurrency.

A common technique with URL hijacking is to add or change one letter. Bleeping Computer gave an example of a trustworthy website for the popular Windows text editor, notepad-plus-plus.org. A malware website exists that simply adds the letter S to the end of “notepad” to create the deceptive domain name.

Here's an example of a fake website that looks real, Notepad-Plus-Plus.
Image used with permission by copyright holder

Major browsers include a degree of protection, identifying some fake websites while missing others. To protect yourself, have a close look at the domain name shown in the website address box or do an internet search for the website, app, or service you want to visit. You can’t trust that you’re at an authentic website based on appearance alone.

Editors' Recommendations

Alan Truly
Computing Writer
Alan is a Computing Writer living in Nova Scotia, Canada. A tech-enthusiast since his youth, Alan stays current on what is…
Here’s how you can win this insane, custom Starfield PC
custom starfield pc giveaway

Gaming PC Modeled After Starfield Control Panel?! [Giveaway]

Modders always come out with some wild PC designs for new game releases, but this custom Starfield PC from Skytech Gaming might be one of the coolest I've ever seen. It's a machine that comes from a collaboration between Skytech Gaming, Intel, and SignalRGB, and you can enter for a chance to win it.

Read more
Opera GX is getting proprietary AI to make you a better gamer
Opera GX browser with Aria AI tool.

The Opera GX gaming browser -- which is among the best browsers around -- has been updated with the brand's proprietary AI writing assistant called Aria. It allows you to execute tasks such as asking questions, writing code, sprucing up communication, and learning how to navigate the ever-changing web landscape.

The tool is currently available to Opera GX Early Bird users. Gamers can use Aria to learn more about the latest gaming news and to easily find gaming tips with AI prompts. According to the press release, these could be based around news, such as "Has Starfield finally launched yet?," as well as tips, such as "How to beat the Juggernaut in Armored Core 6?"

Read more
Samsung’s Odyssey Neo G9 launches in October — if you can stomach its insane price
Samsung Odyssey Neo G9 (2023) playing a racing simulator.

Samsung's hotly anticipated Odyssey Neo G9 is arriving in October with an eye-watering $2,500 price tag. The monitor was first revealed in January, and Samsung has been making the rounds with its flagship display since then.

The release and pricing announcement is timed with this week's Gamescom, and comes a couple of months after Samsung opened reservations for the Odyssey Neo G9. Come October, you'll be able to purchase the monitor directly from Samsung or "at select U.S. retailers," according to Samsung's press release. Samsung hasn't yet confirmed the exact date the monitor will arrive.

Read more