Typosquatting and Other Phishing


Typosquatting and Other Phishing Trends You Should Know


Cybersecurity is an ever-evolving field. That’s because cybercriminals are getting more and more creative every day. 76% of businesses reported being the victim of a phishing attack in 2017. To protect yourself and your company, it’s essential that you stay updated on cyber-attack techniques like typosquatting.

But what is typosquatting? And what other phishing trends do you need to be aware of this year? Here’s a quick primer on what a typo- squatted domain is and how it can harm you or your company. We’ll also talk a bit about the major phishing trends to watch into the future.


What Is Typosquatting?

Typosquatting is a practice in which people register mis-spellings of popular domains. At the relatively benign end of the scale, such sites are looking to make money in the form of ad placements or affiliate links from the accidental traffic they receive. At the other end are the more malicious use of the domains, scammers duplicate the interface you were expecting to find to phish for sensitive information.



The bait-and-switch scam relies on the user landing on a Typo-squatted site and assuming it’s the real deal. When the user then interacts with the false site, they’ll be ferried away to another domain where they’re offered a “great deal” or “unbelievable offer”. This scam relies on the user’s implicit trust in the brand being Typosquatted. Apple wouldn’t send them to a dodgy page, after all.


Typosquatting and Other Phishing Trends You Should Know


Brand Abuse

Brand abuse is what happens when a typosquatted page replicates the front-end interface of the page the user expects to find. This sort of scam can generate revenue in a number of ways. When abusing the Google brand, for example, scammers can present sponsored links as organic search results and earn click-through revenue. The most malicious use of this technique is to phish for sensitive information. You mistake the typosquatted interface for the real deal and “log in”, basically handing over your username and password to the scammers behind the domain.


Phishing Isn’t Going Away

Phishing works. It’s an undeniable fact and scammers are only getting smarter when it comes to how they attack. Key phishing trends to watch out for this year include:


Hybrid Pseudo-Ransomware Attacks

Some scammers are starting to lead with deliberately obvious phishing emails that tie IT and network teams up working to prevent the attack. Meanwhile, another, more subtle attack is launched in the background.


Mobile Malware Will Rise

Over 50% of all Internet usage is now on mobile. That includes some very sensitive activity such as banking and email. As a result, scammers are concentrating their efforts on mobile more than ever before.


More Scammers Are Using Social Media

Scammers go where the users are and over 2.46 billion of them are on social media platforms such as Facebook and Twitter. As a result, users will see more fraudulent social media accounts, often posing as big-name brands or customer service entities. Attackers will also ramp up their usage of phishing bots to scan social media accounts to better target their victims.


Cybersecurity Is a Must

As cybercriminals get more and more inventive, the cybersecurity industry must evolve rapidly to meet them. Familiarity with techniques like typosquatting is essential to keep you and your business secure.


Looking to shore up your company’s cybersecurity?

Get in touch now and see how we can help your business stay safe

Ready to solve your IT problems?

Whatever your business technology needs are, we can help!