
Typosquatting and brand impersonation explained

October 21, 2024
October 22, 2024
6 minute read
Antonella Akosa
Cybersecurity and Risk Governance

A typo or misspelt web address can put your hard-earned money and sensitive information at risk. 

Cybercriminals have become experts at exploiting these slip-ups through a clever trick known as typosquatting, which is more common than you might think. 

Brand impersonation is a related tactic attackers use to deceive you. The two tricks overlap, and both are equally damaging if you fall victim.

A recent analysis by Zscaler ThreatLabz revealed that over 30,000 lookalike domains have been used to impersonate some of the world’s most trusted brands, including Google, Amazon, and Microsoft.

In this blogpost, we’ll teach you the difference between typosquatting and brand impersonation and steps you can take to protect yourself. 

Typosquatting vs brand impersonation

Typosquatting, also known as URL hijacking, is a type of cyber attack that exploits the mistakes users make when typing website addresses for malicious gain. To pull this attack off, cybercriminals register domain names with slight variations or misspellings of legitimate websites. 

For example, mistyping “amazon.com” as “amaz0n.com” (replacing the letter "o" with a zero) could direct you to a fraudulent website. These fake websites are designed to look real, tricking unsuspecting users into entering sensitive information, like login credentials and payment details, or prompting them to download malware.

Brand impersonation takes this deception a step further. Cybercriminals create fake websites, emails, and messages that mimic legitimate brands to trick unsuspecting users.

While small and large companies can be impersonated, attackers often target major brands like Amazon, Microsoft, and Google due to their massive user bases. The goal is to make users believe they are interacting with a trusted source when in reality, they are handing over valuable personal information to malicious actors.

A brand impersonation attack begins when a cybercriminal crafts a message that appears to come from a trusted organization, so the recipient is unlikely to question its authenticity. For example, it might ask the victim to verify their account details or make a payment, so that they unknowingly send sensitive information or money to the attacker.

How typosquatting and brand impersonation work together

Cybercriminals usually combine these tactics to increase their chances of success.

Here’s how they work together:

  • Lookalike domains: Hackers create fake websites by registering domains with typos, omissions, transpositions, or variations of legitimate brands (e.g., “goog1e.com” instead of “google.com”, or “faceboook.com” instead of “facebook.com”). These fake websites are made to look nearly identical to the real sites, making them hard to detect.
  • Phishing emails or messages: Attackers send out emails or messages pretending to be from trusted brands, like Amazon or Microsoft. Most times, these messages include a link to a fake site, tricking users into thinking they need to verify their account or provide information.
  • Exploiting trust: By impersonating well-known companies, hackers take advantage of the trust people naturally have in these brands. When you get an email that looks like it’s from your favorite online store, you’re less likely to question its legitimacy.
  • Redirecting to fraudulent sites: Clicking on the links in these fake messages will take you to a typosquatted site that looks just like the real deal. Here, you might be asked to log in or provide sensitive information, or even scan a QR code (quishing), not realizing it’s a scam.
  • Stealing data or installing malware: Once you're on the fake site, hackers can easily collect any information you provide or trick you into downloading harmful software. This data can then be used to steal your identity or access your accounts.

How to prevent typosquatting and brand impersonation

While typosquatting and brand impersonation are tricky tactics, there are practical steps you can take to protect yourself from falling victim to these scams:

1. Double-check URLs

Always take a moment to carefully look at the web address before clicking or entering personal information. Scammers rely on minor typos or variations, like "amaz0n.com" instead of "amazon.com," so double-check for any unusual characters or misspellings.

2. Use bookmarks

Save your frequently visited websites in your browser’s bookmarks. This way, you avoid typing the URL each time, minimizing the risk of being redirected to a fraudulent site.

3. Look for HTTPS

Make sure the website has a secure connection, indicated by "https://" and a padlock symbol in the browser's address bar. Keep in mind that the padlock only confirms the connection is encrypted, not who runs the site, and some fake sites have valid certificates too. It’s still an extra layer of protection you shouldn’t ignore, just not proof on its own that a site is genuine.

4. Be wary of phishing emails

If you receive an unexpected email asking you to verify your account or provide personal information, don’t click any links right away. Instead, go directly to the official website by typing the URL into your browser or using a bookmarked link.

5. Hover over links before clicking

In emails or messages, hover your mouse over links to preview the actual URL. If it looks suspicious or doesn’t match the sender’s domain, avoid clicking on it.

6. Enable Two-Factor Authentication (2FA)

Whenever possible, activate two-factor authentication on your accounts. This adds an extra layer of security, making it harder for attackers to access your accounts, even if they successfully steal your login details.

7. Keep software updated

Ensure that your browser, operating system, and security software are always up to date. Many updates include security patches that help protect against emerging threats, including fake websites and phishing attacks.

8. Use DNS protection and security software

Consider using DNS filtering and modern web security tools to block access to malicious websites. These tools can prevent you from landing on typosquatted or impersonated domains.

9. Stay informed

Regularly educate yourself and others about the latest phishing and impersonation scams. Knowing what to look out for is one of the most effective ways to stay protected.
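The lookalike-domain variations listed earlier (digit-for-letter swaps, doubled or missing letters, transpositions, a different TLD, or the brand name buried as a subdomain) are exactly what tips 1 and 5 ask you to spot by eye. The same checks can be automated for links harvested from emails or logs. The script below is an added example written for this post, not Kora's own tooling: it takes the two domains the post names as trusted (korapay.com and korahq.com), normalises common homoglyph swaps, and measures how many character edits separate a hostname from a trusted name. The homoglyph table, the edit threshold, and every sample URL are constructed assumptions, and the functions are hypothetical names for illustration.

```python
"""Flag lookalike domains in URLs against a small allowlist of trusted domains.

Added example for this post; not Kora's own tooling. The allowlist holds the two
domains the post names (korapay.com, korahq.com); everything else is constructed.
"""
from urllib.parse import urlsplit

# Domains the post names as Kora's own; any other brand would list its own here.
TRUSTED_DOMAINS = {"korapay.com", "korahq.com"}

# Character swaps seen in lookalike domains (e.g. "amaz0n", "goog1e"). This is a
# hypothetical, non-exhaustive table; extend it for the brand being protected.
HOMOGLYPHS = {"0": "o", "1": "l", "3": "e", "5": "s", "rn": "m", "vv": "w"}

# How many single-character edits (typo, omission, transposition) still count as
# "too close" to a trusted name. Assumed value; tune for short brand names.
MAX_EDITS = 2


def hostname_of(url):
    """Lowercase hostname of a URL (scheme optional), without a leading 'www.'."""
    if "://" not in url:
        url = "http://" + url
    host = (urlsplit(url).hostname or "").lower()
    return host[4:] if host.startswith("www.") else host


def normalise(label):
    """Undo the usual digit/letter swaps so 'k0rapay' compares equal to 'korapay'."""
    for fake, real in HOMOGLYPHS.items():
        label = label.replace(fake, real)
    return label


def edit_distance(a, b):
    """Levenshtein distance: the number of single-character edits turning a into b."""
    prev = list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            cur.append(min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb)))
        prev = cur
    return prev[-1]


def classify(url):
    """Return (verdict, reason); verdict is 'trusted', 'lookalike' or 'unknown'."""
    host = hostname_of(url)
    if not host:
        return "unknown", "no hostname in URL"
    if host in TRUSTED_DOMAINS:
        return "trusted", "exact match"
    if any(host.endswith("." + d) for d in TRUSTED_DOMAINS):
        return "trusted", "subdomain of a trusted domain"
    for trusted in sorted(TRUSTED_DOMAINS):
        name, _, tld = trusted.rpartition(".")
        cand_name, _, cand_tld = host.rpartition(".")
        if host.startswith(trusted + "."):
            # e.g. korapay.com.secure-login.example: the brand used as a subdomain
            return "lookalike", f"{trusted} used as a subdomain of another domain"
        if cand_name == name and cand_tld != tld:
            return "lookalike", f"same name as {trusted} under a different TLD"
        if normalise(cand_name) == normalise(name):
            return "lookalike", f"homoglyph variant of {trusted}"
        if edit_distance(cand_name, name) <= MAX_EDITS:
            return "lookalike", f"within {MAX_EDITS} edits of {trusted}"
    return "unknown", "not similar to any trusted domain"


def scan(urls):
    """Classify each URL; the caller decides whether to warn, block or report."""
    return [(url, *classify(url)) for url in urls]


if __name__ == "__main__":
    # Constructed sample of links as they might appear when hovering over an email.
    SAMPLE_LINKS = [
        "https://korapay.com/login",
        "https://docs.korahq.com/",
        "http://k0rapay.com/verify",
        "korapay.co",
        "https://koraypay.com",
        "https://korapay.com.secure-login.example/",
        "https://example.org",
    ]
    for url, verdict, reason in scan(SAMPLE_LINKS):
        print(f"{verdict:9} {url:45} {reason}")
```

Run it as a script to see the constructed sample classified, or import `classify` into whatever pulls links out of your mail or proxy logs. The check is deliberately simple: it does not consult the public suffix list (so "korapay.co.uk" is treated as name "korapay.co"), it ignores brand-plus-word registrations such as "korapay-login", and a two-edit threshold will produce false positives for very short brand names, so treat a "lookalike" verdict as a reason to go to the bookmarked site instead, not as a final judgement.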

Conclusion

Cybercriminals aren’t always targeting specific individuals. Most times, they set traps in the form of lookalike websites while waiting for someone to stumble across them. By simply mistyping a web address or falling for a well-crafted brand impersonation email, you could expose yourself to significant risks like identity theft, financial fraud, or malware infections.

Here at Kora, our active domains are korapay.com for communications and korahq.com for our website.

If you suspect that you’ve encountered a fraudulent site or email or have any concerns, please contact us. By staying cautious and following these tips, you’ll reduce the chances of falling victim to typosquatting and brand impersonation attacks.

---

At Kora, our goal is to connect Africa to the world and connect the world to Africa via payments. For startups and businesses working in Africa, we provide All The Support You Need ™️ to start, scale and thrive on the continent.