A massive typosquat campaign has come to light with over 200 typosquatting domains impersonating 27 brands to push Windows and Android malware. Typosquatting is a method hackers use to impersonate well-known sites by creating fake websites using domain names very similar to authentic website names. Below are examples of domains used for typosquatting:
- payce-google[.]com – impersonates Google Wallet
- snanpckat-apk[.]com – impersonates Snapchat
- vidmates-app[.]com – impersonates VidMate
- paltpal-apk[.]com – impersonates PayPal
- m-apkpures[.]com – impersonates APKPure
- tlktok-apk[.]link – impersonates download portal for TikTok app
- notepads-plus-plus[.]org” – impersonates notepad ++
What does this mean for me?
Firms should avoid clicking on ads that appear in search results and be aware of typosquatting domains that are not legitimate. The campaign is widespread, and infection rates are high. The domains used are close to authentic domains and may only have a single letter position swap or an extra “s.”
If you have any questions about malware threats, Fairview Cyber can help. We provide essential cyber and data security services like phishing prevention training, internal and external vulnerability scans, vendor due diligence, and more. Contact us today for more information about our services.