Misspelled websites aim to steal information
— -- A single typo during an online-shopping foray can turn the holiday into a techno-disaster.
One Internet security firm is warning that a botched keystroke while typing an online address can give computer criminals a chance to hijack your system.
San Diego-based Websense Inc. has identified as many as 2,000 so-called typosquatters, which use sites that look identical to legitimate ones to capture personal information, launch malicious computer attacks and initiate online scams.
The Internet domains of some of the nation's most popular retailers, including Best Buy, Walmart and Apple, have been targeted so an errant character could take consumers to fake domains without their knowledge.
For instance, a shopper might accidentally land on the domain, wallmatt.com, as opposed to the big-box retailer's actual walmart.com. The site might look like the retailer's home page, but the extra "l" and "t" ensure that you have entered a typosquatter's domain.
Another method used to trick consumers: Spell the retailer's name correctly but misdirect consumers by changing ".org" or ".net" on Web addresses.
Chris Astacio, Websense manager of security research, said the popularity of online shopping has spurred unprecedented levels of typosquatting. Analysts started seeing fake domain registrations spike in October, in advance of the holiday-shopping season.
"Every year it gets to be more prevalent," Astacio said, adding that criminals want to capture Black Friday and Cyber Monday shoppers. "Criminals are registering the misspelling of domain names."
According to experts, simply landing on a typosquatter site can enable criminals to infiltrate your computer.
A Websense analysis found that most typosquatting domains lead to a bot network, used to steal passwords and obtain personal information such as financial or banking records. Bot networks aren't obvious and can involve millions of computers.
Another common typosquatting attack involves phishing schemes. Consumers landing on a phony domain instantly are offered online deals, coupons or even free merchandise. Pop-up ads offer fake products and tell consumers to fill out specific forms to claim prizes. In one case, the bogus domains tell consumers they have won an Apple iPad.
Astacio said in addition to asking for personal information, which can lead to identity theft, some pop-ups instruct consumers to dial a phone number to claim their prize. The caller will be placed on hold and will be billed for each moment the line is kept open, similar to calling a 900 number.
"As long as you've been on hold, you have probably racked up a charge high enough to buy an iPad," Astacio said.
Typosquatting sites also can infect computers with viruses. These malicious sites disable systems, leading to debilitating computer crashes. The sites can affect whole networks of computers, either to steal information or to wreak mayhem.
The registration of misspelled domain names is illegal. But in a report released this month, Websense said that it traced thousands of typosquatters to U.S. Web hosts. Although the bulk of targeted retailers are located in Great Britain, the hosts are based primarily in the United States.
