Of all the myriad of ways that we can be duped, scammed, or otherwise taken advantage of on the internet, “typosquatting” remains one of the easiest to stumble into.
Perpetrators of this scam will purchase site domain names that are very similar to popular pages that people visit, usually by changing the .com part of the web address to .cm. This preys on people who make typos, which is, suffice to say it – all of us.
These duped sites can range from being pop-up laden cesspools riddled with viruses or malware, to near-replicas designed to fool users into inputting login information that can be manipulated later.
So, who is doing this? While these types of tricks can occasionally be tied down to lone actors (given how easy it is to obtain a domain name), KrebsOnSecurity identified the marketing firm Media Breakaway LLC to be behind more than 1500 of these false .cm domains. The company is headed by one Scott Richter – a convicted felon who has been the target of several successful lawsuits for illegal spamming. Other companies related to Richter include Dynamic Dolphin and affiliate[dot]com, also related to email spam.
Just how many people are falling victim to these scams? More than 12 million in a 3 month time frame – amounting to a potential of 50 million per year, according to an analysis conducted by Matthew Chambers. Several of these visitors additionally were found to be coming from .gov and .mil sites in the USA, which are the official federal government and military domains. Many popular news sites, social media, banking, and music streaming sites have these malicious doppelgangers.
The actionable item to protect yourself in this situation ultimately boils down to a matter of double-checking the web address before you hit enter, or bookmark your most commonly visited sites.
For more information on this subject, feel free to reach out to us @CentryLTD on Twitter or any of our other social platforms.