Typosquatting: How online typing errors can lead to identity theft
NORTH WALES, Pa. - May 2, 2012 (WPVI) -- Tiny typos could lead to big problems when you're online. You could make your computer vulnerable to a virus, a scam, or identity theft.
It's all because of a security issue called typosquatting which has reached unprecedented levels of criminals trying to take advantage of the growing popularity of online shopping and social media.
Andrea Lacianca went online to buy some new running gear. She was trying to get to the website for Dick's Sporting Goods. But instead of typing in the entire name Andrea abbreviated it and ended up on a porn website.
"Oh my God, what have I done? And clicked x as fast as possible," she said.
Andrea's husband, Mike, also fell victim.
"I went to Raymour and Flanigan.com. I misspelled it and up popped this other website and just weird things started happening on the computer," Mike said.
Turned out, by going to the other website Mike ended up with a Trojan horse on his system which can give hackers remote access to your computer allowing them to infect it with other malware and even use your system for more nefarious, illegal purposes.
"But I could tell immediately something was wrong. There were pop ups coming up and stuff like that," he explained.
The Laciancas had unwittingly entered into the world of typosquatting also known as URL hijacking.
Typosquatters count on accidental misspellings or other mistakes to get people to their sites. For instance, you may type in dot-org instead of dot-com. Or instead of typing in Twitter.com to get the real Twitter website you may type in twitr.com and get a prize site pop-up.
If you enter in your personal information experts say now you're not just vulnerable to a computer virus but perhaps even worse to identity theft.
Many times, instead of ending up on a site that offers gifts, prizes, or sweepstakes you may end up on a phishing website site that looks just like the legitimate one.
"When you log into what looks like a legitimate merchant site - but it's not and you enter in your user name, your password, or any sort of payment information," said Rob D'Ovidio of Drexel University.
Computer security experts estimate there are thousands of so-called typosquatters. But there are also ways to avoid them. First and foremost pay attention to what you type into your web browser. A good way to get to popular merchants or financial institutions is to go through a search engine.
"Google, yahoo, bing, all the popular search engines are not only going to have legitimate addresses for those merchants and those financial institutions but they're also going to scan those sites for malware to prevent drive-by hacking," D'Ovidio said.
And, of course, use common sense. If a website looks suspicious or fishy it probably is so exit and try again.
For more information on typosquatting:
identity theft, special reports, brian taff
- Violent Chester police confrontation caught on video
- Lots of sun, chilly today 24 min ago
- Get the 6abc StormTracker app
- WATCH: Action News Online
- High winds bring damage to Abington Twp. 48 min ago
- Driver loses control, hits parked SUV in South Philly
- Flames spread through house in Egg Harbor 27 min ago
- Free coffee as Wawa celebrates 50th 14 min ago
- Man charged with hoax near marathon finish line
- Bucks Co. runner set to return to Boston Marathon
- Chaka Fattah Jr. files $10 million federal lawsuit
- Police: Pa. man tries to snatch baby from stroller
- Video: Boy gets stuck in claw arcade game 43 min ago
- Photos: Suspects wanted by Philadelphia Police
- High winds bring damage to Abington Twp.
48 min ago
- Flames spread through house in Egg Harbor
27 min ago
6abc.com News Links
Most Viewed StoriesMost Viewed Photos