Skip to content Skip to main navigation Report an accessibility issue
Information Security

Typosquatting: When a Tiny Typo Leads to Big Trouble



Have you ever mistyped a website address? Maybe you accidentally hit “goggle.com” instead of “google.com”? Well, that seemingly innocent slip-up can lead you down a treacherous path—one paved with cyber traps.

What Is Typosquatting?

Typosquatting is like a cunning chameleon. It preys on our human tendency to fumble our keystrokes. Here’s how it works:

  1. The Setup: Threat actors register domain names that look eerily similar to legitimate ones. Think “CSOnline.com” instead of “CSOOnline.com.” Sneaky, right?
  2. The Trap: Unsuspecting users—yes, that’s us—mistype a URL or click a link. Suddenly, we’re in the typosquatter’s lair.

Why Should You Care?

Because typosquatting isn’t harmless. It wears many hats:

  • Fraud: These impostor domains can be used for extortion—selling them back to the real brand owner.
  • Ad Shenanigans: Monetizing typosquatted sites with ads (cha-ching!) or redirecting users to competitors.
  • Info Theft: Harvesting credentials, sensitive data, and misaddressed emails. Sneaky, right?
  • Malware Delivery: Installing nasty surprises or offering “free” downloads (hint: they’re not free).

Stay Vigilant!

  1. Check Twice: Before you hit that Enter key, double-check the URL. Is it legit?
  2. Report Suspects: If something smells phishy, report it to OIT. It’s always better to be safe than sorry!

Remember, even a tiny typo can lead to big trouble. Stay savvy out there!