With such a large number of 2020 presidential hopefuls, political campaigns and scammers are capitalizing on searchers mistyping candidates’ names to send them to sites that they weren’t expecting. Typosquatting, also known as URL hijacking, is a form of cyberattack that targets internet users who incorrectly type a web address into their web browser (e.g. “Gooogle[.]com instead of Google[.]com). When users make a typographical error, they may be led to an alternative website owned by a cybercriminal that is typically designed for malicious purposes. With 23 presidential hopefuls, there are plenty of targets for these types of attacks and domain squatters have been busy. In a new report by the cybersecurity firm Digital Shadows, researchers analyzed over 550 typosquatting domain names for 34 candidates and election-related domains and put them into three categories: misconfigured or illegitimate sites, non-malicious, or redirects. Misconfigured or illegitimate typo squat domains are described as websites that have not been configured properly and show directory indexes or HTML error messages. Non-malicious typo squat domains are ones that are designed to not hurt the candidate or the political party. Redirects are the most common type of typosquatting. These sites will redirect a visitor to scam sites, unwanted browser extensions, fake program updates, tech support scams or the opponent’s legitimate site. Of the different types of typo squats, 68% are redirects that bring visitors to sites promoting malicious extensions or other unwanted content. It has become extremely difficult to track down the actual owner of the redirect sites due to privacy laws or fake email addresses used for registration.
By: Dan McNemar It is not a new concept that criminals use the Darknet to