How a typo can cause you problems.

Typo squattingNobody is perfect and we all make mistakes. One of the most common mistakes, in particular with mobile phones and their small keyboards, is the simple typo. Did you know that the evil doers have got sneaky ways that they try to capitalise on your fumbling fingers? It’s a technique called “Typosquatting“.

Essentially this is where the bad guys have a web page at an address that is very very very close to the spelling of a popular or well known webpage and they count on you having a typo and either missing a letter (e.g. instgram.com) or hitting an adjoining letter (e.g. facebooo.com) in error.

Don’t try this on your desktop/laptop/tablet/phone. I have a separate, sacrificial machine which I can use for such things.

I tried to access www.instgram.com (missing the “a” in the middle) and received the following page:

instgram.com 1

Notice the address where it is going to (circled in yellow) – that is not an Instagram address, but some sort of ad/advertising address.

When I clicked to continue, I got:

instgram 2

I didn’t continue any further, as I googled gr8musik.com and the results indicated it was a scam site, which if you registered with it, would take money from your credit card, even though you were supposed to be in some kind of a free trial period.

Similarly, I tried www.facebooo.com (an “o” instead of the “k”) and got the following:

facebooo 1

This was just some kind of survey. But you never know what you will get. A subsequent attempt to go to www.instgram.com brought me to the survey, followed by the survey (again), followed by a sign-up form for mcplayz.com (identical to the above gr8musik.com). So these crooks are randomly sending you to different pages trying to compromise you in someway.

According to this post, the victim’s typo sent him to a “Technical Support” page, where he was advised that his PC was locked and he needed to telephone for support. If he did this, the scammers at the other end of the line would have talked him through giving them remote access to the PC and then they would have totally locked him out and looked for his credit card details to “fix” the problem.

Some pages reached by a typo try to apparently show you a video, but then indicates there is a problem and that you need to download a specific video player to watch it. For example, the following headline is tempting you to watch the video to get your hands on software worth $7,000.

video player not

These will typically download what is referred to as adware, and if you read our last week’s post about the Fireball adware, you can see  how insidious that adware can be. Adware will take control of your browser and fire ads at you while you are trying to use the internet. It might also re-direct your searches to odd search engines, which will likely attempt to track you and violate your personal privacy on the internet.

So just be careful when typing addresses. Better still use bookmarks.

If you do inadvertently get taken to some page that you never intended to go to, just close the browser immediately by way of the X in the top right-hand corner of the window. You might get warnings about losing data, just ignore them and close that browser. It would do no harm to run a spyware check on your PC at this point, in case any adware did manage to sneak in without your knowledge or permission. There are free tools from Malwarebytes or Safer Networking that can do this for you, but you might want to also talk to some real life technical support (a techy friend or the IT team in your place of employment) about it and have them give your PC a once over.

Whatever you do, don’t continue to engage with a website that you weren’t intending to visit and stay safe.