The Identity Danger of Typos

A single typo can come back to haunt you online, as scammers purchase like-sounding domain names in order to trap unsuspecting users.

Years ago, Disney Channel had a segment of programming for kids around ages eight through ten that was called “Zoog Disney.” The shows in that time slot featured relatable actors facing situations that were specific yet entertaining for kids in this age bracket. The Zoog Disney programming aligned with its Zoog Disney website, which kept the fun going online.

Unscrupulous scammers immediately purchased the domain name “Zoo Disney,” hoping to lure in children and parents who left off the last letter in Zoog.

Of course, stories have circulated for years about a hidden pornography site located at WhiteHouse.com rather than the official government website for 1600 Pennsylvania Ave., WhiteHouse.gov. Currently, the .com domain runs unsanctioned political content rather than pornography, but the result is the same: much like Zoo Disney, scammers are trying to reach users who miss a letter or mistype their entries.

In a trick called “typosquatting,” websites are set up in hopes that you are confused by the web address or type a little too fast to pay attention to a missing letter here or there. Unfortunately, once a scammer goes to those lengths, there has to be some kind of payoff; these spoofed websites are often filled with malware and other harmful web applications, profiting off your quick fingers.

One of the most common culprits is the “.com” ending that we’re all so used to. Numerous fraudulent sites end with “.cm,” hoping that you were a little too quick with the keyboard. By some accounts, as many as 12 million users a year are redirected to these bogus websites ending in .cm domain names. Once a user ends up at a site like this one—unaware that they’ve mistyped—they’re often flooded with threatening popup boxes that claim their computers are filled with viruses.

There are a few ways to fight back against typosquatting. First, make sure that you type clearly and carefully when you’re entering a web address into the URL bar. If you can bookmark popular sites that you visit frequently, that can also help you avoid potential disaster. Finally, remember never to fall for popup boxes or even browser lockers. Instead, exit out and start a whole new browsing session, and run a quick antivirus scan to be safe.

For toll-free, no-cost assistance, contact the Identity Theft Resource Center at (888) 400-5530. For on-the-go assistance, check out the free ID Theft Help App from ITRC.