ELI5: What is Typosquatting?
If you accidentally type “gooogle.com” instead of “google.com,” a bad guy might own that misspelled address and show you a fake website. They count on people making tiny typing mistakes.
Definition
Typosquatting (also called URL hijacking) is a deception technique in which an attacker registers domain names that are common misspellings, alternative spellings, or close variations of popular websites. It relies on user error rather than persuasion: when someone mistypes a URL, or does not check the address bar after following a link, they land on the attacker's site instead of the intended one, which may serve malware, host phishing content, or simply display advertising.
Key Details
- Common typos exploited: letter transposition (googel.com), missing letters (gogle.com), doubled or added letters (gooogle.com, googlee.com), adjacent-key substitution (foogle.com), wrong TLD (google.org or google.co instead of .com), hyphenation (goo-gle.com).
- Combosquatting: adding words to a legitimate brand (google-security.com, paypal-verification.net). These are not typos; the victim is lured by a link, ad, or search result and trusts the name because it contains the brand.
- Used for: phishing (fake login pages that harvest credentials), drive-by malware downloads, and advertising revenue (parked pages full of ads shown to visitors who think they are on the real site).
- Organizations protect brands by registering common typo variants of their domains proactively (defensive registration). The variant space is too large to cover completely, so this is usually combined with monitoring of new domain registrations for look-alikes and takedown requests against confirmed squats.
- Related to homograph attacks (IDN homograph attacks): using look-alike Unicode characters, for example Cyrillic "а" (U+0430) in place of Latin "a", so the displayed name matches the brand while the actual domain, sent to DNS in its punycode "xn--" form, is different. Browsers apply mixed-script heuristics and display such labels in punycode, but these checks are not airtight.
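The typo classes above are mechanical enough to enumerate. The following script is an added example, not code from the original page: given a brand domain, it generates candidates for each class (transposition, omission, doubling, adjacent key, hyphenation, wrong TLD, combosquat) so a defender can feed them to a DNS/WHOIS check or a watch list, and it shows what a homograph label looks like on the wire. The QWERTY neighbour map, the TLD list, the keyword list and the Cyrillic "аpple.com" sample are constructed assumptions, not an authoritative set.

```python
"""Typosquat candidate generation and homograph check (added example)."""
import unicodedata

# Neighbouring keys on a US QWERTY layout (assumption about the victim's keyboard).
QWERTY_NEIGHBOURS = {
    "q": "wa", "w": "qase", "e": "wsdr", "r": "edft", "t": "rfgy", "y": "tghu",
    "u": "yhji", "i": "ujko", "o": "iklp", "p": "ol",
    "a": "qwsz", "s": "awedxz", "d": "serfcx", "f": "drtgvc", "g": "ftyhbv",
    "h": "gyujnb", "j": "huikmn", "k": "jiolm", "l": "kop",
    "z": "asx", "x": "zsdc", "c": "xdfv", "v": "cfgb", "b": "vghn",
    "n": "bhjm", "m": "njk",
}
# Constructed sample lists; a real generator would use a fuller TLD list
# and brand-specific keywords.
ALT_TLDS = ["com", "net", "org", "co", "cm", "info"]
COMBO_WORDS = ["login", "security", "verification", "support"]


def split_domain(domain):
    """Split 'google.com' into ('google', 'com'); single-label TLDs only."""
    label, _, tld = domain.lower().rpartition(".")
    if not label or not tld:
        raise ValueError("expected name.tld")
    return label, tld


def typo_variants(domain):
    """Return {category: sorted candidate domains}, never including the original."""
    label, tld = split_domain(domain)
    cats = {"transposition": set(), "omission": set(), "doubling": set(),
            "adjacent_key": set(), "hyphenation": set()}
    for i, ch in enumerate(label):
        if i + 1 < len(label) and ch != label[i + 1]:    # swap two neighbours
            cats["transposition"].add(label[:i] + label[i + 1] + ch + label[i + 2:])
        if len(label) > 2:                                # drop one character
            cats["omission"].add(label[:i] + label[i + 1:])
        cats["doubling"].add(label[:i] + ch + label[i:])  # hit a key twice
        for near in QWERTY_NEIGHBOURS.get(ch, ""):        # hit the key next door
            cats["adjacent_key"].add(label[:i] + near + label[i + 1:])
        if i > 0:                                         # insert a hyphen
            cats["hyphenation"].add(label[:i] + "-" + label[i:])
    result = {cat: sorted(f"{v}.{tld}" for v in vals if v != label)
              for cat, vals in cats.items()}
    result["wrong_tld"] = sorted(f"{label}.{t}" for t in ALT_TLDS if t != tld)
    result["combosquat"] = sorted({f"{label}-{w}.{tld}" for w in COMBO_WORDS}
                                  | {f"{w}-{label}.{tld}" for w in COMBO_WORDS})
    return result


def homograph_check(domain):
    """Report non-ASCII scripts in a domain and the punycode (xn--) form DNS sees."""
    scripts = set()
    for ch in domain:
        if not ch.isascii():
            # Unicode character names start with the script: 'CYRILLIC SMALL LETTER A'
            scripts.add(unicodedata.name(ch, "UNKNOWN").split(" ")[0])
    punycode = domain.encode("idna").decode("ascii")
    return {"scripts": sorted(scripts), "punycode": punycode,
            "suspicious": bool(scripts)}


if __name__ == "__main__":
    for cat, doms in typo_variants("google.com").items():
        print(f"{cat:13s} {len(doms):3d}  e.g. {', '.join(doms[:3])}")
    # Constructed sample: Cyrillic small a (U+0430) in place of Latin 'a'.
    print(homograph_check("\u0430pple.com"))
```

Even for a six-letter brand the generator yields well over a hundred candidates, which is why defensive registration alone cannot cover the space and is paired with monitoring. The homograph check shows the other side of the problem: "аpple.com" with a Cyrillic first letter renders identically to the real name but resolves as xn--pple-43d.com, so anything that compares or logs hostnames should work on the punycode form.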
Connections
- Parent: social-engineering — a URL-based deception technique
- See also: brand-impersonation