What is Typosquatting?
Typosquatting is a human error that cybercriminals exploit by using the cyber attack of Pharming (creation of fake web pages).
Sometimes, when typing the address of a web page quickly, we can make a mistake. For this reason refers to the fact that someone ends up on the wrong (fraudulent) website because he or she mistyped a URL. Cybercriminals are aware of this and use it to their advantage, buying domains similar to those of legitimate websites, which include these errors. Thus, users who type a URL with a letter changed because they typed it too fast (as we can see in the image), or confuse the “.es” for “.com” (or vice versa), etc., can end up falling into their traps.
These websites can be purely informative, display advertising or also be pages that impersonate the identity of real companies (e.g. banks). In addition, some of them may contain malware or virus-infected executable files, which are downloaded as soon as the User accesses them.
How can we avoid this as a company or entity?
Some companies buy domains similar to their URLs. In this way, they redirect Users to the correct website in case they do not type the address correctly.
As Users we must:
- Double check the URL (web page address) when typing it.
- Make sure that the URL starts with https (that “S” at the end or the padlock symbol in the web 🔒 are a guarantee of trust and security).
- Before making any transaction, especially if it is a payment or transaction, review the legal notice, privacy policies and terms and conditions.
- And if we see that a file is being downloaded by simply accessing that website, we must close the browser, disconnect the internet connection (cable or WIFI) and if possible run a scan with an antivirus.
IMPORTANT: If you think you have been a victim of this type of cyber attack or have found a fake website in the name of your company or entity, report it at work to the IT Department and at the personal level report it to the police authorities.
*Date of shipment: July 14, 2025