Endgame first came across typosquatting when an employee made a typo in “www.netflix.com,” instead typing, “netflix.om.” As Endgame notes, “He did not get a DNS resolution error, which would have indicated the domain he typed doesn’t exist. Instead, due to the registration of “netflix.om” by a malicious actor, the domain resolved successfully.” Luckily, being an Endgamer, he was able to spot the malware, and “retreated swiftly, avoiding harm.”
Other less savvy users, however, may not have been as lucky. The malware Genieo, Endgame notes, is a rather “common OS X malware/adware variant” that “typically infiltrates the user’s system by posing as an Adobe Flash update.” If the user accepts the update, then Genieo “entrenches itself on the host by installing itself as an extension on various supported browsers (Chrome, Firefox, Safari).”
Typosquatting isn’t all that new — indeed, malware has previously been delivered by way of mistyped addresses. But Endgame does say that it hasn’t previously come across “.om abuse.” So how concerned should we be? The security firm suggests, “Our research also indicates that .om domains associated with the vast majority of major brands may be unregistered. It does not appear that are widely including the .om in their typosquatting mitigation strategies. We strongly recommend doing so.”
So be careful when you’re typing, friends. This is one type of “om” you want nothing to do with.
Editors' Recommendations
- Does your Mac need antivirus software in 2024? We asked the experts
- Don’t buy the RTX 3060 in 2024
- Does your Mac really need antivirus software? We asked the experts
- Don’t buy a cheap GPU in 2024
- This one feature could prevent motion sickness, but the Vision Pro doesn’t have it
