The rapid shift of brands towards online platforms and ecommerce portals, has opened the gates for cyber threats like Phishing, Cybersquatting and Typosquatting. In fact, every entity with an online presence today, feels burdened by the fear of compromising their brand reputation, in the face of these ubiquitous cyber threats.
While the term phishing keeps making rounds in the cybersecurity world, the terms cybersquatting and typosquatting are pretty less heard off. However, their impacts are equally destructive.
What is Cybersquatting?
Cybersquatting is basically a practice of buying and using a domain name, similar to the original brand domain name, with the intent to mine on the goodwill of a well-known trademark. While the opportunities for cybersquatters is diminishing nowadays, with enterprises becoming more conscious and alert about similar looking fraudulent websites, the threat is not completely dead yet.
Ways to identify cybersquatting
- Check the landing page of domain name – If clicking on the domain name opens up to an ‘under construction’ website or a page that says ‘domain name for sale’, there are high chances you are dealing with cybersquatters. Even if you are not, it doesn’t harm to dig a bit further just to be absolutely sure. Many a times, your domain name search may land you up on a website that looks functional, but is comprised of visual content & advertisements of products and services related to your company. This again is a red flag that you might be dealing with cybersquatters.
- Look up and contact the registrant of domain name – Instead of beating around the bush, it’s better to directly search for and contact the registrant of the domain name using “whois.net”. This would give you a fairly good idea about whether or not the registrant has valid explanation for registering the similar domain name.
What is Typosquatting?
Typosquatting or URL hijacking as it is mostly known, is also a form of cybersquatting. This practice targets users who mistakenly type incorrect web address while browsing and are automatically led to a malicious website. Surprisingly, the look and feel of this malicious website is so closely similar to the original website that most often users fail to realize that they have landed on the wrong website.
Typosquatting is mostly used for creating websites that are intended to steal your credentials and other personal information. Quite often, it is also used to sell services and products at a price that is competitive to the price on the website you actually intended to visit.
Ways to identify typosquatting
- As a thumb rule, DO NOT click on links received through emails, SMS, social media sites, etc. unless you are absolutely sure about it.
- Double check web address for typo errors and spelling mistakes, even if they look trustworthy.
- Keep your eyes open for functional websites that look legitimate yet weird with too many visuals or colours.
In short, while hackers are bound to come up with new ways and means of cyber-attacks, a little carefulness on your behalf can save you from becoming an easy victim of such phishing attacks.