According to the latest news article published on Bitcoin.com, Australia today talked about “typosquatters”, which are a new group of cryptocurrency criminals who have been successfully hacking and looting people of their online digital assets. Typosquatting is a popularly recognised term in the cyber security sector.
As the name itself suggests, typosquatting means a mix of using typos for famous domain names and then cybersquatting. The definition for the same is as follows, “cybersquatting, according to the united states federal law known as the ‘anticybersquatting consumer protection act’, is registering, trafficking in, or using an internet domain name with bad faith intent to profit from the goodwill of a trademark belonging to someone else.”
The original term, cybersquatting, involved individuals purchasing up domain names related to famous and well-established brands, in order to make sure that the firm would one day buy the domain name at a hefty profit. Popular examples in the past include vodka.com which was sold for nearly $3.5 million USD in the year 2007.
Typosquatting is a much more alarming form of cybersquatting, where websites have names which are very similar to other known and established websites and these websites are created with the hopes of being typed in by users by manually keying in a website name with a typo. For example, Myeterwallet.com and MyEtherwalet.com would be two typosquatting domain names which will be relying on people who might wrongly spell “MyEtherWallet”, which is an established and well-known Ether wallet. This fake website would look completely same to the real one, so the users would enter their user ids and passwords and thereby unknowingly submit this important information to the hackers, who can then enter the usernames and passwords of the users and then access and steal their funds. This trick is usually used to crack exchanges, web wallets and similar centralized services which are used to store crypto assets.
This has been a major problem since a decade, and especially since people have started storing crypto assets on solutions provided by the web. To reduce the risk of falling a victim to typosquatting, manually entering URLs should be avoided. After properly verifying the security certificates of the concerned websites, save your account details with the help of a password manager. The last step is to protect your accounts with 2-factor authentication. This is an extremely efficient way because even if you become a victim to typosquatting, attackers will not be able to access your account.