Typosquatting Scams

by: Smith and Howard

October 9, 2014

Back to Resources

Most companies take advantage of basic security measures such as data encryption and secure payment methods to protect against hackers. However, there is a lesser-known online security scam – typosquatting. All it takes is accidentally misspelling a company name when trying to find their website. Your borrowers may end up being unknowingly diverted to sites where they download malware. And poof, their personal information is stolen. As with any technology scam, education is key — so share this important information with your borrowers. 

Domain names with a twist 

Cybersquatting occurs when someone registers a website domain name that includes a trademark and then tries to profit by selling that name to the trademark owner. Likewise, typosquatting involves the purchase of domain names in bad faith. 

It takes advantage of a tendency among Internet users to hit the wrong keys and enter misspelled trademarks or brands. For example, in a recent case involving the retailer Lands’ End, a typosquatter registered domains such as and 

Proactive borrowers purchase the most common mistyped versions of their company’s URLs to hedge against typosquatting scams. They also investigate suspicious URLs to find out where they lead — or, rather, mislead — customers. 

A broad scope 

How widespread is typosquatting? Sophos, an IT security firm, chose several websites — Facebook,

Google, Twitter, Microsoft, Apple and its own site — and generated all possible one-character mistakes in their domain names. Researchers produced 2,249 unique site names, including, and 

They then checked how many of these names were registered. According to Sophos, Microsoft typosquats were at 61% (meaning 61% of the domain names similar to were registered), Twitter at 74%, Facebook at 81%, Google at 83% and Apple at 86%. Although this research focused on well-known brands, private company URLs could be besieged by typosquatters just as easily. 

Stolen sales, malware and more 

Some of these fraudsters seek to divert consumers from competitors or draw more traffic to their own sites (often pornography or dating sites). That’s bad enough. But others go further. For example, the websites they divert to might feature a phishing scheme, whereby a visitor is induced to download malicious software (malware) that steals their personal information and log-in credentials.

Earlier this year, Twitter users were lured in by messages sent on the service that said, “Did you see this pic of you?” When users clicked on the included link, they were sent to spoofed Twitter log-in pages with URLs like and Unsuspecting users entered their Twitter usernames and passwords, allowing fraudsters to hijack their accounts. 

Typosquatting can also be used for corporate espionage. In a lawsuit filed in 2012, for instance, the Gioconda Law Group sued a programmer who obtained the domain name, whereas the firm’s URL is The law firm alleges that the defendant used his doppelgänger domain name to create fake e-mail accounts and intercept e-mail intended to be sent to the firm. 

Expanded disclosures 

When borrowers fall victim to typosquatting and other technology breaches, revenues and business reputations are likely to suffer — making it harder to service debt. With audit season just around the corner, ask borrowers to disclose more about cyber threats, as well as any preventive measures they’ve taken to secure their Internet activities, in their year-end financial statements.

For more information please contact a member of our lender services team at 404-874-6244.

How can we help?

If you have any questions and would like to connect with a team member please call 404-874-6244 or contact an advisor below.