Security+

Typo Squatting and URL Hijacking

Typo Squatting and URL Hijacking: Typo squatting (also spelled typosquatting) and URL hijacking are the one and the same.

Difficult to describe as an attack, this is the act of registering domain that are similar to those for known entity but based on a misspelling or typographical error.

As an example, a reader wanting to go to Sybex.com to find out additional information about this would be visiting the publisher’s site (hosted beneath Wiley, incidentally), but someone intending on doing harm could register Sybecks.com in the hopes that the same reader would misspell the word.

Instead of arriving at the safe site of the publisher, they would end up at the other site, which could download Trojans, worms, and viruses—oh my.

The best defense against typo squatting is to register those domains around yours for which a user might intentionally type in a value when trying to locate you.

This includes top-level domains as well (.com, .biz, .net, and so on) for all reasonable deviations of your site.

Related Articles

Leave a Reply

Back to top button