You may have already heard of ‘typosquatting’ or ‘url hijacking’, these are not a new phenomenon but recently there has been a massive increase in the number of these sites across the internet. Any company that gains a sizable online presence faces the threat of typosquatters, giant brands like Twitter, Facebook and Google have all been victims of typosquatters. Facebook and Google have previously filed suits against alleged typosquatters contending that they are infringing on the company's trademarks, using domain names such as facebobk.com, fscecbook.com.
Cybercriminals are also reported to be registering legitimate sites with false suffixes such as '.org' or '.net'. With 80% of all online shopping taking place during office hours, employers need to be sure that when employees are shopping on line using company equipment they are accessing safe and protected sites and not exposing the network and organisation to threats that could have serious security and ultimately financial consequences.
These sites look legitimate and normally display advertising, but recently cybercriminals have begun to lure visitors to participate in competitions and promotions offering gifts and prizes. A 2010 study conducted by Fair Winds Partners, a Washington (DC)-based Internet consulting firm, estimates that typosquatting costs the 250 most-trafficked websites $285 million annually in lost sales and other expenses.
With the continued growth of online ad networks, it’s getting easier for squatters to earn money off their ill-gotten traffic. A naïve or careless employee who falls for these scam websites believing them to be legitimate, exposes the companys network and data which can have devastating consequences for a business compromising security and resulting in an expensive clean up operation.
In preparation for the Christmas shopping spree and January sales careful typing can help ensure company machines are not compromised but careful typing alone will not solve the problem.
Don't be the next victim, download our latest whitepaper on best messaging and web security practises for more information on how to protect your organisation from online and email attacks.
Sign-up for email updates...