A massive, malicious campaign is using over 200 typosquatting domains impersonating twenty-seven brands to trick visitors into downloading various Windows and Android malware. The malicious websites are clones of the originals or at least convincing enough.
The domains used in this campaign are very close to the authentic ones, featuring a single letter position swap or an additional “s”, making them easy for people to miss. Victims typically end up on these sites by mistyping the website name they want to visit in the browser’s URL bar.
Users could also be led on these sites via phishing emails or SMS, direct messages, malicious social media and forum posts, and other ways. Typosquatting is an old method of tricking people into visiting a fake website by registering a domain name similar to that used by genuine brands.
A much larger typosquatting campaign from the same operators was found distributing Windows malware. This campaign consists of over 90 websites created to impersonate over twenty-seven popular brands to distribute Windows malware, steal cryptocurrency recovery keys and push Android malware.
Some browsers like Google Chrome and Microsoft Edge include typosquatting protection. For protection from typosquatting domains, the best method to find a legitimate site is to search for a particular brand in a search engine. However, users should avoid clicking on ads shown in search results, as there have been many cases where malicious ads are created to impersonate a real site.
See What’s Next in Tech With the Fast Forward Newsletter
Tweets From @varindiamag
Nothing to see here - yet
When they Tweet, their Tweets will show up here.
