Anatomy of a Scam—Typosquatting
The Typosquatting Trap
As the Thanksgiving holiday approaches, the volume of online shopping—and subsequent shipping and payment notifications—spikes dramatically. Unfortunately, so does the risk of phishing and credential harvesting — a tactic where attackers trick individuals into revealing sensitive login information like usernames and passwords.
Be aware of sophisticated scams to steal your personal financial information and put your Andrew account at risk.
What is typosquatting?
Typosquatting is a form of cybercrime where an attacker registers a domain name that is a slight misspelling or variation of a legitimate, popular website. It is also known as "URL hijacking."
The goal is to capitalize (or "squat") on common typing errors (typos) or to trick you into thinking a suspicious URL is legitimate.
How typosquatting works:
- The Lure: You receive an email or text message advertising a doorbuster deal (e.g., "75% off electronics!") that appears to be from a major retailer, such as Best Buy, Amazon, or Target.
- The Click: When you click the link, it takes you to a fake website. The URL might be something like BestBuyy.com (note the extra 'y') or Amazon-Deals.co.
- The Deception: The cloned site is visually perfect, complete with high-resolution logos and realistic product listings. You feel safe enough to proceed to the checkout or log in.
- The Theft: When you enter your credit card number or, worse, your saved username and password, that data is instantly transmitted to the criminal. The site usually displays an error message (such as "Payment Failed") or redirects you to the actual retailer, making you believe the error was on your end—but your data is already gone.
What can you do to protect yourself?
Always verify URLs before clicking
Look closely for misspellings, swapped letters, or extra characters. For example: amaz0n.com vs. amazon.com.
Use bookmarks for frequently visited sites
Save trusted URLs in your browser to avoid mistyping. This is especially useful for banking, shopping, and email platforms.
Be cautious with search engine results
Typosquatted domains may show up in ads or lower search results. Always use verified links or official websites.
Installing reputable security tools helps automatically block access to known suspicious domains.
When shopping for gifts or booking holiday travel, be aware that compromised personal credentials are frequently used to gain unauthorized access to your accounts.
Your best defense is to use a unique, strong password and enable Multi-Factor Authentication (MFA) on all critical accounts. This action makes most stolen passwords ineffective against attackers.
Be cautious of other scams this holiday season, particularly those involving urgent payment platforms. Learn more.
References
Authentic8. (n.d.). What is typosquatting? Retrieved November 6, 2025, from https://www.authentic8.com/blog/what-is-typosquatting
Hideez. (2023, April 4). What is typosquatting and how to prevent it. Retrieved November 6, 2025, from https://hideez.com/blogs/news/what-is-typosquatting
Proofpoint. (n.d.). Typosquatting. Retrieved November 6, 2025, from https://www.proofpoint.com/us/threat-reference/typosquatting
LastPass. (2023, August 15). Typosquatting: What it is and how to avoid it. Retrieved November 6, 2025, from https://blog.lastpass.com/posts/typosquatting
Bolster AI. (2023, October 2). How to prevent typosquatting. Retrieved November 6, 2025, from https://bolster.ai/blog/how-to-prevent-typosquatting