The latest ploy cyber criminals are using to spread ransomware and other types of computer malware to provide them with remote access to your computers or to steal log-in credentials: After buying domain names with a missing or misplaced letter in website addresses belonging to well-known companies, they simply wait for you to make a typo.
The biggest threat results in the most common typos — either a misplaced or missing “c” (such as typing amazonc.om or amazon.om) so a web address ends with “.om” instead of “.com”.
Those two Amazon domain names are among more than 300 .om-ending domain names that hackers have purchased for this new malware-spreading scheme. Here’s the complete list, which also spoofs Facebook, LinkedIn, AOL, banks including Bank of America and Wells Fargo, pharmacies CVS and Walgreens, retailers such as Walmart and JC Penney, and even online porn sites.
FREE DOWLOAD: Ransomware: A Growing Cyber Threat
True, cyber criminals have long used website addresses with a missing, extra or misplaced letter to spoof those belonging to well-known brands for typo trickery. But the usual MO has been to lead consumers to copycat websites that sell counterfeit goods, aim to steal credit card info that people provide for supposed purchases, or promise a prize to those who complete a survey that actually mines for sensitive personal information.
This new malware-spreading angle — called typosquatting — was discovered when researchers mistyped Netflix.om instead of the correct Netflix.com, and was redirected through a series of dubious pop-up ads and, eventually, to a malware-infested site that prompted him to download a file that appeared to be an Adobe Flash Player update. That familiar fake “Flash Update” usually serves up risky (and possibly malware-laden) pop-ups and other annoyances on computers, so don’t download or install it.
Researchers says that most of the .om-ending sites it discovered operate the same way: They don’t directly install malware but, instead, lead to other infected pages. So that’s good news, at least.
In addition to .om-ending risks, other typosquatting tricks that may result in malware that gives hackers control of your computer and everything on it include website addresses with doubling characters (“googgle.com”), missing letters (“gogle.com”), adjacent keys (“googlw.com”) and letter swapping (“googel.com”).
So carefully read what you type before hitting Enter to access a website, especially if you’re a fast or fat-fingered typist. That’s also a good practice to follow before clicking on links that appear in search engine results or online advertisements; they, too, may have typos that spell trouble.
Backup is the Best Protection for your Data
We recently published a white paper to educate and guide you through the growing threat of Ransomware as well as information on Union Built Cloud services, a best-in-class secure data storage solution that automatically backs up your data keeping it out of the hands of cyber criminals. Use them and navigate the web with a lot more peace of mind.
Learn more about the Union Built Cloud, contact us with your cyber security questions and concerns and Like Union Built PC on Facebook, Follow us on Twitter and LinkedIn and subscribe to the Union Built PC monthly email newsletter for Union News delivered straight to your inbox.