Typosquatting Ramping Up Ahead of 2020 Elections
October 23, 2020
While typosquatting is expected to increase heading into 2020 for the elections, it’s not just politics that can and will be affected by this. That said, researchers from the company Digital Shadows scoured the Internet looking for websites that could be intentionally trying to trick voters and users heading into the U.S. elections next year. They discovered more than 550 fake websites for the Democratic and Republican candidates as well as 11 related to other domains dealing with the elections.
Sixty eight percent of those sites were created to intentionally lure people to malicious or phony sites. The example Digital Shadows provided was a typo in the spelling of candidate Elizabeth Warren where the “a” was an “i.” That site redirected readers to a website for “donaldjtrump.com” page. According to Digital Shadow, “In total, 66 of the 550 domains were hosted by the same IP address, under the privacy protection service WhoisGuard, Inc., since October 3rd, 2019.
Typosquatting is when someone purchases similar domain names to those owned by another entity or person, targeting users who mistype a URL address into a web browser. It is also referred to as URL hijacking, domain mimicry, domain-jacking, do-jacking, or less often, a sting site. It is commonly done for websites where users enter sensitive or confidential information such as financial sites.
To mitigate the risk of going to a malicious, or just an undesirable website, be sure to double check the URL address before pressing the “return” or “enter” button on the keyboard or device being used. Financial websites are often targeted by changing one letter in the name or even by using keys right next to the actual ones that are often mistyped. For example, using an “n” instead of “m” in the name or substituting “0” for an “O.” Bookmarking commonly used websites also helps considerably.
A very simple typographical mistake can lead to serious repercussions for users. Taking simple steps can lower that risk.
Stickley on Security