Skip to content

How Typosquatters Trick Holiday Shoppers

December is a peak online shopping season, with Cyber Monday alone reaching billions of dollars in sales. Because the internet is flooded with deals, many shoppers let their guards down and become susceptible to typosquatters, who trick consumers into buying counterfeit products or giving away sensitive information. It's important for payment service providers to be aware of these merchants entering their portfolios at this time of year.

 

What is Typosquatting?

Typosquatting is a deceptive tactic typically intended to trick internet users into visiting websites they believe are operated by a trusted entity. Instead, the websites may attempt to steal a user's information, sell counterfeit products or services, or engage in other forms of illicit activity that can harm consumers and damage brands.

Typosquatters capitalize both upon genuine typographical errors that an unwitting user might enter - for example facebook.cm or faceboook.com - as well as visually deceptive domain names an internet user might not immediately recognize as falsified.

 

What Are Some Typosquatting Tactics?

There are many methodologies typosquatters use to mimic an authentic domain name. Often a typosquatter will make use of a typo, such as disneyy.com, or will use an alternative top level domain (TLD), such as disney.om.  Other cybercriminals trick consumers using trailing text, such as disney-official.com. There are more sophisticated techniques as well; see our typosquatting guide for some real examples.

 

What to Watch Out For

While consumers should carefully scrutinize every new website they visit, payment service providers can also take action to prevent typosquatters from appearing in their portfolios. They can:

  • Watch out for merchants applying for merchant accounts with domain names that are suspiciously similar to well-known brands.
  • Carefully scrutinize merchants using domain names that include common typosquatting techniques, such as starting a domain name with "www-."
  • Invest in merchant monitoring services, such as those provided by LegitScript, to quickly flag suspicious merchants who may be engaged in phishing, IP infringement, or other problematic activity.

 

Want to learn more? Download our Typosquatting Guide for more examples and a case study of an offshore internet service provider operating as a cybersquatting safe haven.

person typing on a mobile phone

 

Recent Blog Articles

nicotine pouches

Why Nicotine Pouches Are Drawing So Much Scrutiny

Why Nicotine Pouches Are Drawing So Much Scrutiny The startling rise in popularity of nicotine pouches is reminiscent of the surge in popularity of vaping. And, like vaping, nicotine pouches have been popular among youth-who can use them more discreetly at schools and in other places where smoking a...

Why You Should Apply for LegitScript Certification

The Benefits of Each Certification for Your Business In 2019, Meta announced they were applying new restrictions to advertisers for Addiction Treatment services that included a new requirement-LegitScript Addiction Treatment Certification. In 2020, Google updated its healthcare and medicines policy...
LegitScript MCC Detection

What Are Merchant Category Codes (MCCs)?

And How LegitScript Can Help You Accurately Assign Them Merchant category codes (MCCs) are critical codes that categorize and describe a merchant's business, and in rare cases, a merchant may have multiple MCCs to separate transaction types. In this article, we'll explore the role of MCCs in the lar...
Fraud Week

LegitScript Supports International Fraud Awareness Week

We're excited to honor International Fraud Awareness Week again this year. If you missed our post from last year, check it out here. LegitScript joins the global effort to spread awareness surrounding the detection and prevention of fraud with a special webinar - Transaction Laundering: Best Practic...