logo

English

바로 밑에 보이는 분류를 선택하는 즉시 게시글 전체중에서 글올리신 이가 지정한 분류가 님이 선택한 분류와 일치하는 글들만이 전시됩니다. 선택한 분류에서 다시 전체글을 보시려면 분류: 전체나 위의 게시판 메뉴를 누르면 전체 글이 다시 펼쳐집니다.
As soon as you select and click one of the categories below, only those articles with the same category assigned by the one who uploaded the article will be displayed. To view the entire posts again press Category: Total or the LWV Board menu choice.

The Common Typo That Can Steal Your Computer

Magnifying glass over browser revealing the URL is a "scam"The latest ploy cybercrooks are using to spread ransomware and other types of computer malware to provide them with remote access to PCs and Macs or to steal log-in credentials: After buying domain names with a missing or misplaced letter in website addresses belonging to well-known companies, they simply wait for you to make a typo.

The biggest threat results in the most common typos — either a misplaced or missing “c” (such as typing amazonc.om or amazon.om) so a web address ends with “.om” instead of “.com,” reports online security firm Endgame.

Ways to save, expert investment advice, scam alerts and more! — AARP Money Newsletter »

Those two Amazon domain names are among more than 300 .om-ending domain names that hackers have purchased for this new malware-spreading scheme, according to Endgame. Here’s the complete list, which also spoofs Facebook, LinkedIn, AOL, banks including Bank of America and Wells Fargo, pharmacies CVS and Walgreens, retailers such as Walmart and JC Penney, and even online porn sites.

True, scammers have long used website addresses with a missing, extra or misplaced letter to spoof those belonging to well-known brands for typo trickery. But the usual MO has been to lead consumers to copycat websites that sell counterfeit goods, aim to steal credit card info that people provide for supposed purchases, or promise a prize to those who complete a survey that actually mines for sensitive personal information.

Endgame discovered this new malware-spreading angle — called typosquatting — when one of its researchers mistyped Netflix.om instead of the correct Netflix.com, and was redirected through a series of dubious pop-up ads and, eventually, to a malware-infested site that prompted him to download a file that appeared to be an Adobe Flash Player update. That familiar fake “Flash Update” usually serves up risky (and possibly malware-laden) pop-ups and other annoyances on computers, so don’t download or install it.

Endgame says that most of the .om-ending sites it discovered operate the same way: They don’t directly install malware but, instead, lead to other infected pages. So that’s good news, at least.

Discounts on financial services from trusted companies — AARP Member Advantages »

In addition to .om-ending risks, other typosquatting tricks that may result in malware that gives hackers control of your computer and everything on it include website addresses with doubling characters (“googgle.com”), missing letters (“gogle.com”), adjacent keys (“googlw.com”) and letter swapping (“googel.com”).
So carefully read what you type before hitting Enter to access a website, especially if you’re a fast or fat-fingered typist. That’s also a good practice to follow before clicking on links that appear in search engine results or online advertisements; they, too, may have typos that spell trouble.

For information about other scams, sign up for the Fraud Watch Network. You’ll receive free email alerts with tips and resources to help you spot and avoid identity theft and fraud, and gain access to a network of experts, law enforcement and people in your community who will keep you up to date on the latest scams in your area.

Photo: Carlos_bcn/iStock

Also of Interest


See the AARP home page for deals, savings tips, trivia and more.

이 게시판이나 웹에 관해 묻고 싶은 게 있으시거나 건의 할 게 있으시면 관리자 (e-mail: 김익현 ikkim922@hotmail.com) 에게 문의 해 주세요.
Any inquiry as to this board and website or suggestions should be directed to Admin (e-mail: 김익현 ikkim922@hotmail.com ). Thanks!