
Watch Out For 'Typosquatter' Sites

Surely you've had this experience before: You mistype an Internet address in your Web browser, only to end up at a porn site or some random Web page that tries to install software or hijack your browser's settings.

Well, score one for Google. On Friday, the search-engine giant won an arbitration settlement against a Russian man who had registered Web sites that capitalized on numerous misspellings of the company's trademark name.

According to an Associated Press story, an arbitrator for the National Arbitration Forum endorsed Google's contention that the misspelled addresses were part of a sinister plot hatched by one Sergey Gridasov of St. Petersburg, Russia. Google claimed that Gridasov had "typosquatted" on domains such as,, and, in a plot to infect computers with programs that can lead to recurring system crashes, wipe out valuable data or provide hackers with a window into highly sensitive information.

Finnish anti-virus software maker F-Secure Corp. issued a warning about the typosquatted domains in an alert posted in April.

While Google's victory is certainly welcome news for companies looking to protect their trademarks from being used to serve up malicious software or just plain obnoxious advertising, typosquatters can do quite a bit of damage during the weeks and months it takes for a company to arbitrate the dispute and gain control over the misspelled domain names.

What's more, this type of underground marketing is pervasive. Take, for instance. I spent a few minutes the other day transposing side-by-side letters in, just to see what I'd find. Sure enough, it wasn't long before I happened upon a typosquatting site that installed something called the "Ad Exchange Browser Toolbar," supposedly to help me browse the Web. The only problem was I neither asked for nor authorized the software to be installed (for obvious reasons, I'm not going to post the link here). Omitting a certain letter from the spelling of our site showed me an advertisement for an explicit "adult friend finder" service. Yet another misspelling of launches a flurry of very persistent pop-up ads for a supposed anti-spyware program called Spyware Stormer, a program that has been roundly panned as an ineffective knock-off of a well-known legitimate anti-spyware program.
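The two typo patterns described above (swapping side-by-side letters and leaving one letter out) can also be checked from the defender's side, against DNS or proxy logs. This is an added example, not part of the original post; `example.com`, the log line format and the function names are assumptions, and the log lines are constructed.

```python
# Flag log entries whose hostname is one typo away from a protected domain.
PROTECTED = "example.com"  # assumption: placeholder for the brand domain

# Constructed sample DNS query log: "<timestamp> <client-ip> <queried-name>"
SAMPLE_LOG = [
    "2005-07-11T09:14:02 10.0.0.12 www.example.com",
    "2005-07-11T09:14:40 10.0.0.37 exmaple.com",
    "2005-07-11T09:15:03 10.0.0.12 news.example.net",
    "2005-07-11T09:16:19 10.0.0.58 www.exampe.com",
    "2005-07-11T09:17:45 10.0.0.37 EXAMLPE.COM.",
]

def normalize(host):
    """Lowercase, drop a trailing dot and leading 'www.', split at the first dot."""
    host = host.lower().rstrip(".")
    if host.startswith("www."):
        host = host[4:]
    label, _, rest = host.partition(".")
    return label, rest

def is_adjacent_transposition(a, b):
    """True if b is a with exactly one pair of side-by-side letters swapped."""
    if len(a) != len(b):
        return False
    d = [i for i in range(len(a)) if a[i] != b[i]]
    return len(d) == 2 and d[1] == d[0] + 1 and a[d[0]] == b[d[1]] and a[d[1]] == b[d[0]]

def is_single_omission(a, b):
    """True if b is a with exactly one character left out."""
    return len(b) == len(a) - 1 and any(a[:i] + a[i + 1:] == b for i in range(len(a)))

def classify(observed, protected=PROTECTED):
    """Return 'exact', 'transposition', 'omission' or None for an observed name."""
    p_label, p_rest = normalize(protected)
    o_label, o_rest = normalize(observed)
    if o_rest != p_rest:
        return None  # different TLD or extra labels: outside this check
    if o_label == p_label:
        return "exact"
    if is_adjacent_transposition(p_label, o_label):
        return "transposition"
    return "omission" if is_single_omission(p_label, o_label) else None

def scan(lines, protected=PROTECTED):
    """Return (client, queried_name, typo_kind) for each lookalike query."""
    hits = []
    for line in lines:
        parts = line.split()
        if len(parts) == 3:  # skip malformed lines
            kind = classify(parts[2], protected)
            if kind in ("transposition", "omission"):
                hits.append((parts[1], parts[2], kind))
    return hits
```

Hits from `scan` identify which clients reached a lookalike name, which is where the virus and spyware scan recommended in this post should start.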

The lesson in all this is to be careful what you type in your browser window. And if you find yourself on one of these cybersquatting sites, get off immediately, then run an updated virus and spyware scan. And, as always, be sure you're running a firewall. See our cyber-security tips for more information on how to protect your computer.

By Brian Krebs  |  July 11, 2005; 12:33 PM ET
Categories:  Safety Tips  


The best way to protect yourself from these types of sites is to go to Google or some other search engine, and type in the name (such as Washington Post) and let Google give you a clickable link to the site. Even if you misspell it, Google will ask you if you meant the correct spelling, and provide the correct link.

Posted by: G Nesmith | July 11, 2005 11:16 AM | Report abuse

This is funny & ironic -- I believe the term is actually supposed to be "typosquatting", not "typesquatting" -- as in, when you make a typo (a typing mistake) and end up with that mistaken web address.

Posted by: Anonymous | July 11, 2005 1:45 PM | Report abuse

I have found that if you select the search engine of your choice and put it on your home page you can use it to connect to the sites you want. As with my choice (Google), if I mistype (Washinton Post) it will first ask you if you meant (Washington Post). It's a much safer way to get to the sites you want when you are not sure of the address.
And Mr. Krebs,
Have you tried the Microsoft Antispyware? Currently it's the beta version but I have been very happy with it. My computer has been cleaned up and is now back at optimal performance. I keep it active and run daily scans. Since it has cleaned out all the spyware it has kept my system from getting any more. Would be interested in your opinion on the program.

Posted by: D. Sullivan | July 11, 2005 4:27 PM | Report abuse

Now you just need to talk to the folks who control the site homepage and get them to fix the "typesquatting" vs "typosquatting" typo... :)

Posted by: Anonymous | July 11, 2005 4:44 PM | Report abuse

Basically this guy hacks.


Posted by: 0x80 | July 12, 2005 10:08 AM | Report abuse

I agree that using the search engine is a better way to avoid these websites altogether, but that is also more work for the user to have to go to a search engine just to enter in a website that they will get right 90% of the time.

The real issue is the browser. In my case, I use Firefox more often than Internet Explorer, for the same reasons to avoid downloading spyware and adware. There will always be malicious websites, porn links and unauthorized downloads, but to better protect yourself from getting infected is to take the necessary precautions.

Posted by: CCosgrove | July 12, 2005 10:17 AM | Report abuse

GOOGLE rocks. Ya gotta love a company that COULD have been (and may yet be) bigger than Microsoft, yet adopted the slogan "Do No Evil." Marketing? Maybe, and I do profess to being a cynic, but GOOGLE has yet to even barely misstep from its simple promise. I hope to one day drive my Google down to the Google to buy some more Google. (I stole that line from somebody else, by the way.)

Posted by: Adrian in Dallas | July 12, 2005 11:15 AM | Report abuse

I agree we should be paying more attention to typosquatting. Despite misspelling risks, using the address bar is the only way to know for sure that a given homepage is the real thing. I hope Google's victory will set the precedent for more aggressive action against scammers! Thanks for the awesome tutorials, by the way!

Posted by: Mauro Baglieri, Italy | July 19, 2005 6:58 PM | Report abuse

The comments to this entry are closed.


© 2010 The Washington Post Company