Back to Glossary
Attacks
What is Typosquatting?
Registering domain names that are common misspellings of popular websites to capture traffic from users who mistype URLs.
Typosquatting exploits typing errors to redirect users to malicious or deceptive websites.
Common Techniques
- Missing letters: gogle.com instead of google.com
- Swapped letters: googel.com
- Wrong TLD: google.co instead of google.com
- Homograph attacks: Using similar-looking Unicode characters (gооgle.com with Cyrillic "о")
- Added letters: gooogle.com
What Typosquatters Do
- Display phishing pages to steal credentials
- Serve malware downloads
- Show advertising to profit from misdirected traffic
- Sell the domain to the legitimate brand owner
Protection
- Bookmark important websites and use bookmarks to navigate
- Use a password manager (it won't auto-fill on the wrong domain)
- Check the URL carefully before entering credentials
- Use a browser with built-in phishing protection
Related Terms
Phishing
A social engineering attack where attackers impersonate legitimate entities through fake emails, websites, or messages to trick victims into revealing sensitive information like passwords, credit card numbers, or personal data.
Social Engineering
Psychological manipulation techniques used to trick people into revealing confidential information or performing actions that compromise security. Social engineering exploits human trust rather than technical vulnerabilities.
Have more questions?
Use our guided flow to get the right next privacy step for Typosquatting.
Open Guided Flow