BIRMINGHAM, Ala. (WBRC) -A Krebs Security investigation found hackers have built a huge network of malicious websites all playing off common typos in web addresses for popular sites like Facebook and Twitter. It’s called “Typo squatting” and it can take you to sites loaded with malware.
“We’ll be typing to go to a specific website and we misspell it either phonetically or just simply fat finger it and it takes us to a site that’s very similarly spelled but and similarly sounding but it contains malicious code,” Robert Hill a cyber security expert and Chief Information Security Officer with Cyturus said.
Krebs found those fake sites get about 50 million hits a year. If you find yourself on those sites, you could find your computer is suddenly locked up with fake security alerts or worse.
“Just by landing on that site you could have some sort of malware installed on your machine or take you to a site that is specifically delivering malware to your machine,” Hill said.
If you find yourself on one of these fake sites, don’t click on anything even if you are offered a link to the website you are visiting.
It can be dangerous to type web addresses directly into that browser address bar. A safer bet is to bookmark the sites you use often.
In a study, the British security software and hardware company Sophos analyzed data that takes a look at the typosquatting ecosystem. Sophos surprisingly found little malware but still plenty or risk. You can read their report here: https://nakedsecurity.sophos.com/typosquatting/