In The News‎ > ‎

Typosquatting and fraud

posted Jan 29, 2015, 1:26 PM by Craig Cox   [ updated Jan 29, 2015, 1:28 PM ]
Hat tip to Wilmington ISY instructor Frank Sciallo for putting me on to this example.

Typosquatting is the practice of registering a URL (a web address or domain name) similar to a reputable site, in hopes that typos will bring in traffic meant for that site.  By the time this note is published, the site "amatrak.com" (a typo of "amtrak.com", with an extra a) should be blocked from within the college; but it will still be reachable from your home computer and portable devices, so please don't browse there.  I'll show you what pops up after a couple of redirects:

scam image

The receiving page read the source of the request, correctly identified it as a Delaware Tech address, also correctly identified the web browser, and popped up a request to call a toll-free support number to remove viruses I didn't have.

Had I called the number and stepped through their script, they would have tried to convince me that I was infected.  I would have been directed to download their software and install it, at which point I truly would have been infected, with my machine under the hacker's control.  What do they want with my computer?  I cover that in the previous post, "click fraud case study"

The defenses here are to look carefully at what you type, and prefer your own favorites (MS Internet Explorer) or bookmarks (Firefox) to typing in addresses.