One Internet security firm is warning that a botched keystroke while typing an online address can give computer criminals a chance to hijack your system.
San Diego-based Websense Inc. has identified as many as 2,000 so-called typosquatters, which use sites that look identical to legitimate ones to capture personal information, launch malicious computer attacks and initiate online scams.
The Internet domains of some of the nation's most popular retailers, including Best Buy, Walmart and Apple, have been targeted so an errant character could take consumers to fake domains without their knowledge.
For instance, a shopper might accidentally land on the domain, wallmatt.com, as opposed to the big-box retailer's actual walmart.com. The site might look like the retailer's home page, but the extra "l" and "t" ensure that you have entered a typosquatter's domain.
Another method used to trick consumers: Spell the retailer's name correctly but misdirect consumers by changing ".org" or ".net" on Web addresses.
According to experts, simply landing on a typosquatter site can enable criminals to infiltrate your computer.
A Websense analysis found that most typosquatting domains lead to a bot network, used to steal passwords and obtain personal information such as financial or banking records. Bot networks aren't obvious and can involve millions of computers.
Another common typosquatting attack involves phishing schemes. Consumers landing on a phony domain instantly are offered online deals, coupons or even free merchandise. Pop-up ads offer fake products and tell consumers to fill out specific forms to claim prizes. In one case, the bogus domains tell consumers they have won an Apple iPad.
Typosquatting sites also can infect computers with viruses. These malicious sites disable systems, leading to debilitating computer crashes. The sites can affect whole networks of computers, either to steal information or to wreak mayhem.
No comments:
Post a Comment