Hackers prey on typo-prone web users using doppleganger sites

Unless you are a machine, you’ve mistyped a domain name from time to time in trying to reach a website.

And so-called typo-squatters take advantage of human fallibility by creating fake or spoof web sites that come up under common misspellings. Usually the sites are just a nuisance. But now, typo-squatting has taken a dangerous turn.

Squatters have been setting up email servers to collect messages where the sender has mistyped an address, according to InfoWorld blogger Roger Grimes.

In some cases, researchers at think-tank Godai Group have duped the squatters into sending replies intended for Fortune 500 companies, asking for more information. Grimes, a cybersecurity veteran, wrote even he would be fooled by some of the responses.

Domains operating under misspelled names are also known as dopplegangers.

This story is part of Federal News Radio’s daily Cybersecurity Update. For more cybersecurity news, click here.

Copyright © 2024 Federal News Network. All rights reserved. This website is not intended for users located within the European Economic Area.