14 DAY TRIAL // Nowadays, typos no longer lead to dead-ends anymore, messages like "server not found" being less encountered. This is all the more true when it comes to words that match almost perfectly the original names that give identity to the URL of a website. The race for presidency in the U.S. is one of the matters of most interest, so certain groups of people have decided to take advantage of other's lack of attention when typing in order to make an illegal profit.
Symantec has proved, at the Black Hat hacker conference held in Las Vegas, that typo-related scams, especially when it comes to websites apparently associated with the candidates for the U.S. presidency, is flourishing. "Our intent is not to appear alarmist or spread FUD [Fear, alarm and doubt]," said the security company officials, also underscoring that vigilance is needed to avoid seasonal scams.
Typo squatting, performed by people who create websites that have URLs very similar to some official websites, can bring both chaos among users and large profits to hijackers. This business is still very popular, despite all legal measures taken against it, because buying a domain is affordable for basically anyone. Some of the most common typos, that also apply when it comes to electoral candidates' websites, are indicated as missing the dots, hitting a nearby character on the keyboard, misspelling someone's name, or reversing two characters. Some websites that have addresses built on typos offer either false information about a candidate, or advertise for one of his rivals, along with delivering hidden malicious software.
Most visited fake presidential campaign websites are U.S.-based, followed by those set up by the Canadians and United Arab Emirates citizens, a fact that came as a surprise for the researchers themselves.
Profit-oriented email phishing is also one of the scams hackers pull on people. They use it to send emails under the names of the candidates or that of their family members, in order to get private information that will later be used for malicious purposes. Donation websites, that have nothing to do with the real campaign, are set up by criminals who don't usually include compulsory registration before asking people to donate for the elections.
Adware, spyware and browser data leakage are other three threats that should get people's attention. Users have to think twice before giving away information or money to websites that raise even the slightest question marks.