Cyber thieves, ransomware, typosquatting– “om” my!
The latest ploy cyber crooks are using to spread ransom-ware and other types of computer malware to provide them with remote access to PCs and Macs or to steal log-in credentials, is to catch you making mistakes. After buying domain names with a missing or misplaced letter in website addresses belonging to well-known companies, they simply wait for you to make a typo.
You don’t even realize you’ve hit a wrong key until your website pops up at an address that sort of looks right. But hidden in the details are ways that crooks siphon off your info, ID, links to other internal info, and all that stuff that keeps you awake at night.
The biggest threat results in the most common typos — either a misplaced or missing “c” (you might be typing amazonc.om or amazon.om) so a web address ends with “.om” instead of “.com,” reports online security firm Endgame.
Cyber Hackers are buying up these wrong website addresses
Those two Amazon domain names are among more than 300 .om-ending domain names that hackers have purchased for this new malware-spreading scheme, according to Endgame. Hackers also spoof Facebook, LinkedIn, AOL, banks including Bank of America and Wells Fargo, pharmacies CVS and Walgreens, retailers such as Walmart and JC Penney, and even online porn sites.
True, scammers have long used website addresses with a missing, extra or misplaced letter to spoof those belonging to well-known brands for typo trickery. This time they want to lead consumers to more than just copycat websites that sell counterfeit goods, or surveys, but that actually mines for sensitive personal information.
Last Spring, Endgame discovered this new malware-spreading angle — called “typosquatting” — when one of its researchers mistyped Netflix.om instead of the correct Netflix.com, and was redirected through a series of dubious pop-up ads and, eventually, to a malware-infested site that prompted him to download a file that appeared to be an Adobe Flash Player update. That familiar fake “Flash Update” usually serves up risky (and possibly malware-laden) pop-ups and other annoyances on computers, so don’t download or install it.
Endgame says that most of the .om-ending sites it discovered operate the same way: They don’t directly install malware but, instead, lead to other infected pages. So that’s good news, at least.
Disguises from discounts on services from trusted companies
In addition to .om-ending risks, other typosquatting tricks that may result in malware that gives hackers control of your computer and everything on it include website addresses with doubling characters (“googgle.com”), missing letters (“gogle.com”), adjacent keys (“googlw.com”) and letter swapping (“googel.com”).
So carefully read what you type before hitting Enter to access a website, especially if you’re a fast or fat-fingered typist. That’s also a good practice to follow before clicking on links that appear in search engine results or online advertisements; they, too, may have typos that spell trouble.
Snippets taken from Endgame, AARP, Fraud Watch, Scams of the nation, and other media sourced quotes: For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and gain access to a network of experts, law enforcement and people in your community who will keep you up to date on the latest scams in your area. [This is only for information and is not considered as sponsorship or endorsement of the services or companies mentioned, etc..]