Typosquatting – Page 3 – WindowsTechs.com

Protecting an external authentication server against CSRF

Posted on October 20, 2020 by ficabj5

I have a web application which uses an external authentication server for obtaining a session. When a client tries to login, the browser is making requests towards the external authentication server until a cookie is obtained. Note that th… Continue reading Protecting an external authentication server against CSRF→

The most popular brand websites hackers use for typosquatting campaigns

Posted on September 1, 2020 by Shannon Vavra

The most imitated websites that credential-stealing, financially-motivated hackers have resorted to mimicking include Wells Fargo, Netflix, Facebook, and Microsoft, according to new Palo Alto Networks research published Tuesday. Some of the other top brands that hackers have mimicked with typosquatting, a technique that relies on victims glancing over typos in website names that appear similar to other popular legitimate sites, also include PayPal, Apple, Royal Bank of Canada, LinkedIn, Google, Apple’s iCloud, Bank of America, Dropbox, Amazon, and Instagram, according to the research, which examines data collected in December 2019. The hackers have been using these malicious domains to distribute malware, reward scams, run phishing campaigns and technical support scams, Palo Alto Networks’ Unit 42 researchers said in a blog post. Of nearly 13,857 squatting domains registered in December, 18.59% are malicious, “often distributing malware or conducting phishing attacks.” Typosquatting has long been a favorite tactic for attackers looking to […]

The post The most popular brand websites hackers use for typosquatting campaigns appeared first on CyberScoop.

Continue reading The most popular brand websites hackers use for typosquatting campaigns→

Feds warn election officials of potentially malicious ‘typosquatting’ websites

Posted on August 22, 2020 by Sean Lyngaas

The Department of Homeland Security last week told election officials to be wary of suspicious websites that impersonate federal and state election domains and could be used for phishing or influence operations. The Aug. 11 bulletin distributed by DHS’s Office of Intelligence and Analysis, which CyberScoop reviewed, listed roughly 50 suspicious domains that were purporting to offer information related to voting and elections. “These suspicious typo-squatting domains may be used for advertising, credential harvesting and other malicious purposes, such as phishing and influence operations,” the advisory says. “Users should pay close attention to the spelling of web addresses or websites that look trustworthy but may be close imitations of legitimate U.S. election websites.” Typosquatting is an issue that litters the internet and affects every sector because it is cheap and easy for anyone to set up a website that mimics the spelling of a legitimate one. A 2018 study found […]

The post Feds warn election officials of potentially malicious ‘typosquatting’ websites appeared first on CyberScoop.

Continue reading Feds warn election officials of potentially malicious ‘typosquatting’ websites→

How much damage can a malicious package do with just "npm install <package>"?

Posted on July 1, 2020 by user237586

I had a typo and npm installed something that is similar in name to something very popular — I was concerned about typosquatting. It’s quite plausibly legitimate and just a coincidence. I looked at the corresponding package and didn’t s… Continue reading How much damage can a malicious package do with just "npm install <package>"?→

Has someone quantified how much more effective typodomains are than random websites in phishing attacks?

Posted on May 26, 2020 by Chas. Owens

Has someone done an actual study on how effective typo domains are versus random websites in phishing links?

I am trying to justify the expense of going after typosquatters and the possibility of the domains being used as a phishing attac… Continue reading Has someone quantified how much more effective typodomains are than random websites in phishing attacks?→

Why typosquatting protection from coronavirus-themed registered domains is a must

Posted on May 20, 2020 by Waqas

By Waqas
Typosquatting is also known as a URL hijacking attack.
This is a post from HackRead.com Read the original post: Why typosquatting protection from coronavirus-themed registered domains is a must
Continue reading Why typosquatting protection from coronavirus-themed registered domains is a must→

Trove of RubyGems malware highlights software supply chain issues

Posted on April 23, 2020 by Danny Bradbury

Ruby developers beware: a would-be cryptocurrency thief is out to get at your digital wallet, and they’re using typosquatting code to do it. Continue reading Trove of RubyGems malware highlights software supply chain issues→

760+ malicious packages found typosquatting on RubyGems

Posted on April 17, 2020 by Zeljka Zorz

Researchers have discovered over 760 malicious Ruby packages (aka “gems”) typosquatting on RubyGems, the Ruby community’s gem repository / hosting service. The discovery ReversingLabs analysts wanted to see how widespread the practice of pa… Continue reading 760+ malicious packages found typosquatting on RubyGems→

Researcher finds 670 Microsoft subdomains vulnerable to takeover

Posted on March 6, 2020 by John E Dunn

Researchers have found it’s still child’s play to hijack subdomains from companies such as Microsoft to use in phishing and malware attacks. Continue reading Researcher finds 670 Microsoft subdomains vulnerable to takeover→

Ho Ho OUCH! There are 4x more fake retailer sites than real ones

Posted on November 19, 2019 by Lisa Vaas

Beware, holiday shoppers! The phishers hiding under typosquatting domains are waiting for your keyboard fumbles. Continue reading Ho Ho OUCH! There are 4x more fake retailer sites than real ones→