url hijacking: Explainer: What is Typosquatting or URL hijacking and how to protect yourself from it – Times of India
In such an attack, when the user arrives at a malicious site, hackers have different approaches to do harm. They might steal your banking credentials or earn revenue as these fake sites can be landing pages for various forms of advertisements. Businesses can also get affected by URL hijacking as they lose customers this way.
Typosquatting is also known by other names like URL hijacking, fake URLs, domain mimicry or sting sites.
How cybercriminals start with Typosquatting is that they first buy and register a domain name that is a misspelled name of the website of an ecommerce, banking or other popular/important sites. They can also go for multiple domain names to increase their chances at conning unsuspecting people. Then, they design the webpage elements of the fake website to mimic the real website so that the customers might not find something fishy when they accidently reach there.
For example, the real website url could be shopbooksonline.com. A Typosquatted variant of the same could be shop-books-online.com or shopbooks-online.com or shpbooksonline.com or shopbooksnline.com. Another example could be google.mailpk.com (fake) when all you want is to go to google.com.
How to protect yourself from Typosquatting or URL hijacking
- Be very careful about clicking links that are part of unknown/suspicious emails, online chats, text messages, etc.
- Do not click any link on social media or through unknown websites if something seems out of place there.
- Check the url of the website link you are about to click by hovering over it. Look for typos there.
- Bookmark your frequently visited sites to avoid typing in the url every time.
- Do not open attachments that come in emails from unverified sources.
- If you have to type, go to a trusted search engine first and type the website address there. Don’t type directly in the address bar.
- If you think you have somehow landed on a fake website (assuming you realised this before you entered any sensitive details there), close the browser immediately.
- Do invest in a paid antivirus solution for your devices to minimise the risks of such cyberattacks.
For all the latest Technology News Click Here