Typos are a lot like bowel movements: everyone makes them and they stink. And now, new cybersecurity research suggests that some typos or misspellings you make in your web browser can expose you to malicious attacks. Hopefully, the same can't be said about your poop.
Specifically, security experts found that if you accidentally type ".om" instead of ".com" when visiting popular websites like Netflix, you could be redirected to other websites that prompt you to install malware or other harmful software on your computer instead of landing on a standard URL error page, according to a report by Gizmodo. Security experts at Endgame believe malicious parties have purchased the .om domains (the top-level domain in Oman) for as many as 300 popular .com websites, such as Aol, Gmail, YouTube, Amazon, Netflix, and many others. The security firm has created an extensive guide explaining the threat.
"If the bad actor does his job well, a significant number of users mistype the intended domain in the expected way, and those unfortunate enough to hit “Enter” will unintentionally head down a dark road on the web," Endgame explains. "In some cases, effects can be relatively mild, such as: the user is redirected to objectionable material; the user is presented items for purchase from storefronts of questionable repute; or the user sees content that unfavorably portrays the intended brand or site. Effects can also be much worse. The malicious actor can spoof a real site to harvest login credentials, place backdoors on a system, install ransomware, or really anything else of his choosing."
Basically, the attackers bet on unsuspecting users landing on the pages they're redirected to and falling for the trap, like agreeing to download software from phony "Flash Updater" pop-ups that turns out to actually be malware. The malicious practice, which security experts refer to as "typosquatting," is nothing new, having previously been seen with other top-level domains like .co and with techniques involving other common typos like "googgle.com," "googlw.com," and "googel.com," according to Endgame. Sounds like something out of a "Mr. Robot" episode, but unfortunately, it's real life.
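For a defender, the practical question is how to notice when someone on the network has already hit one of these near-miss domains. The script below is an added example written for this article, not code from Endgame or Gizmodo: it keeps a small constructed watch-list of brand domains, computes an edit distance that counts insertions, deletions, substitutions and adjacent-letter swaps as one operation, and flags DNS queries whose domain label or top-level domain is exactly one such typo away from a watched brand (so "netflix.om", "googgle.com" and "googel.com" are caught, while "netflix.com" and an unrelated domain are not). The log format and the client addresses are constructed for the example; adapt the regular expression to your resolver's logs.

```python
import re

# Constructed watch-list of brand domains to protect (assumption: your own list).
WATCHLIST = ["netflix.com", "google.com", "amazon.com", "youtube.com", "aol.com", "gmail.com"]

# Constructed sample DNS resolver log lines (not real traffic).
SAMPLE_LOG = """\
2024-03-01T10:00:01Z client=10.0.0.5 query=netflix.com type=A
2024-03-01T10:00:07Z client=10.0.0.5 query=netflix.om type=A
2024-03-01T10:01:12Z client=10.0.0.9 query=googgle.com type=A
2024-03-01T10:01:30Z client=10.0.0.9 query=googel.com type=A
2024-03-01T10:02:00Z client=10.0.0.7 query=example.org type=A
"""

LOG_RE = re.compile(r"client=(?P<client>\S+)\s+query=(?P<query>\S+)")


def osa_distance(a, b):
    """Optimal string alignment distance: insert, delete, substitute or swap
    two adjacent characters each cost 1. A single slip of the fingers, such as
    'googel' for 'google' or 'om' for 'com', therefore scores exactly 1."""
    d = [[0] * (len(b) + 1) for _ in range(len(a) + 1)]
    for i in range(len(a) + 1):
        d[i][0] = i
    for j in range(len(b) + 1):
        d[0][j] = j
    for i in range(1, len(a) + 1):
        for j in range(1, len(b) + 1):
            cost = 0 if a[i - 1] == b[j - 1] else 1
            d[i][j] = min(d[i - 1][j] + 1,        # deletion
                          d[i][j - 1] + 1,        # insertion
                          d[i - 1][j - 1] + cost) # substitution / match
            if i > 1 and j > 1 and a[i - 1] == b[j - 2] and a[i - 2] == b[j - 1]:
                d[i][j] = min(d[i][j], d[i - 2][j - 2] + 1)  # adjacent swap
    return d[len(a)][len(b)]


def classify(domain):
    """Return (watched_brand, reason) if `domain` is one typo away from a
    watch-listed brand, otherwise None. Only the last two labels are compared,
    so 'www.netflix.om' is treated as 'netflix.om'."""
    parts = domain.lower().rstrip(".").split(".")
    if len(parts) < 2:
        return None
    label, tld = parts[-2], parts[-1]
    if f"{label}.{tld}" in WATCHLIST:
        return None  # the genuine brand domain
    for brand in WATCHLIST:
        brand_label, brand_tld = brand.split(".")
        # Same brand name, TLD one typo away: the '.om' for '.com' case.
        if label == brand_label and osa_distance(tld, brand_tld) == 1:
            return (brand, "tld-typo")
        # Same TLD, brand name one typo away: 'googgle', 'googlw', 'googel'.
        if tld == brand_tld and osa_distance(label, brand_label) == 1:
            return (brand, "label-typo")
    return None


def scan_log(text):
    """Return a list of (client, query, brand, reason) for every query in the
    log text that looks like a typosquat of a watch-listed brand."""
    hits = []
    for line in text.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue
        verdict = classify(m.group("query"))
        if verdict:
            hits.append((m.group("client"), m.group("query")) + verdict)
    return hits


if __name__ == "__main__":
    for client, query, brand, reason in scan_log(SAMPLE_LOG):
        print(f"{client} queried {query}: looks like {brand} ({reason})")
```

Two caveats when running this against real logs: brands often own legitimate second domains (a company's ".co" or country-code sites), so feed those into the watch-list or an allow-list rather than alerting on them, and multi-part public suffixes such as ".co.uk" need a proper public-suffix split instead of the two-label shortcut used here.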
Hopefully, you'll notice if, say, Netflix doesn't look like Netflix is supposed to, and you get the hell out of there without downloading anything. Mind your Ps and Qs -- and apparently, Cs, too.