Historical OSINT – Profiling a Typosquatted Facebook and Twitter Impersonating Fraudulent and Malicious Domains Portfolio

With cybercriminals continuing to populate the cybercrime ecosystem with hundreds of malicious releases, including a variety of typosquatted domains, it shouldn’t be surprising that hundreds of thousands of users continue falling victim to fraudulent and…

Lookalike domains: Artificial intelligence may come to the rescue

In the world of network security, hackers often use lookalike domains to trick users into visiting unintended and unwanted web sites, to deliver malicious software into or to send data out of a victim’s network, taking advantage of the fact that it’s hard to tell t…

Historical OSINT – Malware Domains Impersonating Google

It’s 2008 and I’ve recently stumbled upon a currently active typosquatted portfolio of malware-serving domains successfully impersonating Google, further spreading malicious software to hundreds of thousands of unsuspecting users.

In this post I’ll pr…

The Year Targeted Phishing Went Mainstream

A story published here on July 12 about a new sextortion-based phishing scheme that invokes a real password used by each recipient has become the most-read piece on KrebsOnSecurity since this site launched in 2009. And with good reason — sex sells (the second most-read piece here was my 2015 scoop about the Ashley Madison hack).

But beneath the lurid allure of both stories lies a more unsettling reality: It has never been easier for scam artists to launch convincing, targeted phishing and extortion scams that are automated on a global scale. And given the sheer volume of hacked and stolen personal data now available online, it seems almost certain we will soon witness many variations on these phishing campaigns that leverage customized data elements to enhance their effectiveness.

Dot-cm Typosquatting Sites Visited 12M Times So Far in 2018

A story published here last week warned readers about a vast network of potentially malicious Web sites ending in “.cm” that mimic some of the world’s most popular Internet destinations (e.g. espn[dot]cm, aol[dot]cm and itunes[dot].cm) in a bid to bombard hapless visitors with fake security alerts that can lock up one’s computer. If that piece lacked one key detail it was insight into just how many people were mistyping .com and ending up at one of these so-called “typosquatting” domains.

On March 30, an eagle-eyed reader noted that four years of access logs for the entire network of more than 1,000 dot-cm typosquatting domains were available for download directly from the typosquatting network’s own hosting provider. The logs — which include detailed records of how many people visited the sites over the past three years and from where — were deleted shortly after that comment was posted here, but not before KrebsOnSecurity managed to grab a copy of the entire archive for analysis.

Omitting the “o” in .com Could Be Costly

Take care when typing a domain name into a browser address bar, because it’s far too easy to fat-finger a key and wind up somewhere you don’t want to go. For example, if you try to visit some of the most popular destinations on the Web but omit the “o”…