KPM


Typosquatters Profit From Common User Errors

The Web has opened plenty of new avenues for criminal behavior. For example, you may have heard of cybersquatting. Someone registers a site’s domain name that includes a trademark and then tries to profit by selling that name to the trademark owner.

But are you familiar with typosquatting? You should be — because these schemes can make just about any organization, along with visitors to its website, the victims of fraud.

Fat fingers

Like cybersquatting, typosquatting (also known as URL hijacking) involves the purchase of domain names in bad faith. It takes advantage of an inclination among users known as ‘fat fingers’ — basically, our tendency to hit the wrong keys and enter misspelled trademarks or brands. For example, in a case involving the retailer Lands’ End, a typosquatter registered domains such as landswnd.com and lnadsend.com. Other human errors — for example, typing the wrong URL extension (.com instead of .org) or omitting punctuation marks such as hyphens — also can work to typosquatters’ advantage.

Some fraudsters seek to divert consumers away from competitors or just draw traffic to their own sites (often pornography or dating sites). A recent report from security firm DomainTools LLC says that major media outlets, including USA Today, the New York Times, and the Washington Post, are frequently targeted. DomainTools found hundreds of fraudulent domain names related to these publications.

Big money

Other typosquatters go further. For example, the websites they divert to might feature a phishing scheme, whereby a visitor is induced to enter login information or download malware. Such tactics can make big money for fraud perpetrators — particularly if they target the right sites. Earlier this year, an anonymous typosquatter announced that he had stolen 200 bitcoins (then worth an estimated $760,000) from Dark Web sites over the previous four years.

Typosquatting also can be used for corporate espionage. In one case, a law firm sued a programmer who had obtained a domain name similar to its own, except for a minor typo. The law firm alleged that the defendant had used his doppelgänger domain name to create fake email accounts and intercept email sent to the firm.

Best defenses

When it comes to avoiding typosquatting, awareness is probably the best defense. Your company should regularly check various mistyped versions of its URLs and consider purchasing as many similar domain names as possible. Contact us if you are worried about fraud — both on- and off-line.
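To make "check various mistyped versions of its URLs" concrete, the following added example (not from the original article) builds the list of look-alike names to check or register, covering the error classes described above: adjacent-key slips, transposed letters, omitted characters or hyphens, and the wrong extension. The function names, the QWERTY row table, the default extension list and the sample name my-shop.org are assumptions of this sketch, and it expects a bare registrable name such as landsend.com.

```python
# Added example: typo-domain candidates for defensive monitoring.
ROWS = ("qwertyuiop", "asdfghjkl", "zxcvbnm")  # QWERTY rows; assumption of this sketch


def _neighbours(ch):
    """Keys directly left/right of ch on the same QWERTY row."""
    for row in ROWS:
        i = row.find(ch)
        if i != -1:
            return [row[j] for j in (i - 1, i + 1) if 0 <= j < len(row)]
    return []


def typo_variants(domain, alt_tlds=("com", "org", "net")):
    """Map each candidate look-alike domain to the error class that produces it."""
    domain = domain.lower()
    label, dot, tld = domain.rpartition(".")
    if not dot or not label or "." in label:
        raise ValueError("expected a registrable name such as example.com")
    found = {}

    def add(new_label, new_tld, kind):
        name = f"{new_label}.{new_tld}"
        valid = new_label and not (new_label[0] == "-" or new_label[-1] == "-")
        if valid and name != domain:
            found.setdefault(name, kind)  # first class recorded for a name wins

    if "-" in label:
        add(label.replace("-", ""), tld, "hyphen-omitted")
    for other in alt_tlds:
        add(label, other, "wrong-extension")
    for i, ch in enumerate(label):
        for key in _neighbours(ch):
            add(label[:i] + key + label[i + 1:], tld, "adjacent-key")
        add(label[:i] + label[i + 1:], tld, "omission")
        if i + 1 < len(label):
            add(label[:i] + label[i + 1] + ch + label[i + 2:], tld, "transposition")
    return found


if __name__ == "__main__":
    for name, kind in sorted(typo_variants("landsend.com").items()):
        print(f"{kind:16} {name}")
```

The resulting list is the input for a periodic check against DNS or registrar records, and for deciding which similar names are worth purchasing.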
