Skip to content

How Typosquatters Trick Holiday Shoppers

December is a peak online shopping season, with Cyber Monday alone reaching billions of dollars in sales. Because the internet is flooded with deals, many shoppers let their guards down and become susceptible to typosquatters, who trick consumers into buying counterfeit products or giving away sensitive information. It's important for payment service providers to be aware of these merchants entering their portfolios at this time of year.


What is Typosquatting?

Typosquatting is a deceptive tactic typically intended to trick internet users into visiting websites they believe are operated by a trusted entity. Instead, the websites may attempt to steal a user's information, sell counterfeit products or services, or engage in other forms of illicit activity that can harm consumers and damage brands.

Typosquatters capitalize both upon genuine typographical errors that an unwitting user might enter - for example or - as well as visually deceptive domain names an internet user might not immediately recognize as falsified.


What Are Some Typosquatting Tactics?

There are many methodologies typosquatters use to mimic an authentic domain name. Often a typosquatter will make use of a typo, such as, or will use an alternative top level domain (TLD), such as  Other cybercriminals trick consumers using trailing text, such as There are more sophisticated techniques as well; see our typosquatting guide for some real examples.


What to Watch Out For

While consumers should carefully scrutinize every new website they visit, payment service providers can also take action to prevent typosquatters from appearing in their portfolios. They can:

  • Watch out for merchants applying for merchant accounts with domain names that are suspiciously similar to well-known brands.
  • Carefully scrutinize merchants using domain names that include common typosquatting techniques, such as starting a domain name with "www-."
  • Invest in merchant monitoring services, such as those provided by LegitScript, to quickly flag suspicious merchants who may be engaged in phishing, IP infringement, or other problematic activity.


Want to learn more? Download our Typosquatting Guide for more examples and a case study of an offshore internet service provider operating as a cybersquatting safe haven.

person typing on a mobile phone


Recent Blog Articles

Synthetic identity fraud

What You Need to Know About Synthetic Identity Fraud

LegitScript noticed an increase in the sale of fraudulent document services, including fake IDs, synthetic identities, and artificial intelligence (AI) passport photo generators. Read further to understand how this trend appears to align with an emergence of more effective methods of stealing and fa...
proposed changes to DSHEA

Proposed Changes to DSHEA Could Impact You — Here’s How

According to the Pew Research Center, many US consumers believe that the current regulatory authority of the Food and Drug Administration (FDA) doesn't adequately protect them. Read further to discover the potential impact of the FDA's proposed changes to the Dietary Supplement Health and Education...

Problematic Product Spotlight: Tainted Royal Honey

Products Claiming to Enhance Sexual Performance Have Experienced a Surge in Popularity No longer relegated to the shelves of gas stations and corner stores, dietary supplements or other products claiming to enhance sexual performance have experienced a surge in popularity within e-commerce marketpla...
LegitScript updates advisory committee policies and seeks to invite new members.

LegitScript Relaunches Its Addiction Treatment Certification Advisory Committee — and Seeks New Members

In an effort to strengthen avenues of communication and identify opportunities for optimizing the client journey, LegitScript is relaunching its Addiction Treatment Certification Advisory Committee. Keep reading to learn how this may impact you. LegitScript Bolsters Collaboration Efforts With Organi...