80% Of Mistyped URLs Lead To Typosquatting Sites: Study

IT security and control firm,Sophos,is cautioning computer users to be careful while typing the URLs, following the results of a Sophos study into the scale of ‘Typosquatting’.

Typosquatters register misspellings of popular websites in the hope that they will be able to make money out of traffic from unintentional typing mistakes made by internet surfers. Sophos looked at typosquatting targeting its own website and those of Facebook, Google, Twitter, Microsoft and Apple. The study looked for registered websites for every single one letter typo of the company name: one letter omitted (eg. Sopos), one letter mistyped (eg. Sphos), or one letter added (Ssophos).

The study revealed that there is a significant typosquatting ecosystem around high-profile, often-typed domain names. A huge 86 percent of the possible one letter misspellings of the Apple homepage led to typosquatting sites.

The highest proportion of the squatting sites - 15 percent - led to advertising sites. Cybercriminals will register misspelled sites to make advertising revenue every time someone mistypes the name of a popular site. 12 percent were found to be IT & hosting pages - suggesting that they have been registered with the intention of being held onto and sold at a profit, which is also known as ‘domain parking’. Of the 14,495 misspelled URLs looked at in the study, 738 (5.1 percent) were categorised by Sophos as cybercrime or adult. The former should always be blocked; the latter should be blocked at least in the workplace or around children.

“It’s so easy to mistype a URL, and it’s inevitable that from time to time you will end up on an unintended website. In the worst cases, careless typing can lead you to a criminal website designed to steal your identity or phish your credentials. A good idea is to bookmark your favourite websites rather than rely upon your fingers working correctly,” said Graham Cluley, Senior Technology Consultant at Sophos.