Typosquatting: Tiny Web Typos Lead to Big Security Risks
A trusty old hacker trick called typosquatting is becoming popular again in the age of Facebook and Twitter.
By registering domain names that are similar to commonly visited sites www.facebok, for example -- typosquatters display advertisements or fraudulent promotional offers on their sites in the hopes that misspellings will draw traffic and victims.
Recently, according to an IDG News Service report, typosquatters have been taking advantage of the millions of people who visit Facebook and Twitter each day by offering gifts of iPads or other exclusive prizes.
Type www.facebok.com, and this is what shows up: Dear Visitor, You've been selected to take part in our anonymous survey. Complete this 30 second questionnaire, and to say 'thank you,' we'll offer you a few exclusive prizes. This offer is available today only.
Visit www.twitr.com and not only will people view the exact same message, but they'll be redirected to a site called twitter.com-survey2010.virtousads.com, where they'll get the chance to win a (fake) $1,000 Walmart gift card. All the user has to do to win these enticing offers is enter personal information, which, of course, then becomes the property of the cyber criminal.
Security experts warn users not to trust suspicious looking web pages and unsolicited offers or surveys.
- Facebook Phishing Scam Targets Macs, Asks: 'What are you doing in this video?'
- It's Not the IRS, the FDIC or Facebook: How to Avoid Email Phishing Schemes
- Social Networking Websites Review