Summary:
In the ever-evolving landscape of cybersecurity threats, one tactic stands out for its enduring effectiveness: typosquatting. Since the dawn of the commercial internet, threat actors have leveraged this deceptive strategy to impersonate legitimate businesses, exploiting users’ inattention and human errors to propagate malware, steal data, and pilfer funds. Despite its longstanding presence typosquatting is evolving, with attackers becoming more adept at crafting fake domains and messages to propagate malware and steal data and funds. Recent instances of typosquatting attacks include a surge in Bifrost Linux malware variants using fake VMware domains and various other scams such as brand impersonation, fake job hiring websites, and phishing attempts associated with the SolarWinds supply chain attack.

Security Officer Comments:
Moreover, cybercriminals have exploited novel avenues, such as misusing X’s for-pay badge system and creating fake sites soliciting donations for disaster relief. Additionally, recent finding by Akamai uncovered a new twist in the hospitality industry, with scammers replicating hotel booking pages to steal credit card data from unsuspecting guest. The evolution of typosquatting tactics also includes the use of homograph substitution, where attackers employ non-Roman characters to construct domains resembling legitimate ones, making detection even more difficult.

Suggested Corrections:
Proactive measures against typosquatting include utilizing alternative domain name service providers with built in typsquatting protection and implementing corporate security tools to scrutinize log access files. Furthermore, security awareness training for users plays a crucial role in recognizing and mitigating these deceptive schemes.

Link(s):
https://www.darkreading.com/threat-intelligence/typosquatting-wave-shows-no-signs-of-abating