Typosquatting Domain
A domain name deliberately registered with a common misspelling of a well-known brand to intercept mistyped web traffic.
Also known as: URL hijacking, typo domain, cybersquatting
Last reviewed: 1 June 2026
Typosquatting domains exploit the fact that people frequently make small typing errors when entering web addresses. An attacker registers variations such as 'goggle.com', 'payypal.com', or 'amazoon.co.uk' — all plausible typos of popular sites — and routes visitors to phishing pages, malware downloads, or ad-laden sites designed to generate revenue.
The deception is effective because victims who land on the rogue site often see a convincing clone of the legitimate brand and proceed to enter login credentials or payment details. In some cases the attacker simply lets the domain generate ad revenue from misdirected traffic without any active phishing.
Typosquatting also extends to email: a company doing business with 'supplier.com' may receive invoices from an attacker using 'supp1ier.com' (numeral 1 replacing letter l). Organisations can protect themselves by proactively registering common misspellings and monitoring for lookalike registrations through brand-protection services.
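One way to implement the lookalike monitoring mentioned above, as an added example that is not part of the original entry: it flags sender or newly registered domains that are a digit-for-letter swap or a single typing error away from a trusted domain. The trusted list, the homoglyph map, the distance threshold and the function names are assumptions chosen for illustration.

```python
"""Flag lookalike domains against a list of trusted ones (constructed sample data)."""

# Assumption: digit-for-letter swaps to undo before comparing; extend as needed.
HOMOGLYPHS = str.maketrans({"1": "l", "0": "o", "3": "e", "5": "s"})

# Assumption: the organisation's own allow-list of brands and suppliers.
TRUSTED = ("supplier.com", "paypal.com", "amazon.co.uk", "google.com")


def skeleton(domain):
    """Lower-case the name and map lookalike digits back to letters."""
    return domain.strip().rstrip(".").lower().translate(HOMOGLYPHS)


def osa_distance(a, b):
    """Edit distance counting insert, delete, substitute and adjacent swap."""
    prev2, prev = None, list(range(len(b) + 1))
    for i, ca in enumerate(a, 1):
        cur = [i]
        for j, cb in enumerate(b, 1):
            d = min(prev[j] + 1, cur[j - 1] + 1, prev[j - 1] + (ca != cb))
            if prev2 is not None and j > 1 and ca == b[j - 2] and a[i - 2] == cb:
                d = min(d, prev2[j - 2] + 1)  # adjacent transposition
            cur.append(d)
        prev2, prev = prev, cur
    return prev[-1]


def classify(candidate, trusted=TRUSTED, max_distance=1):
    """Return (trusted_domain, reason) for a lookalike, or None otherwise."""
    cand = candidate.strip().rstrip(".").lower()
    if cand in trusted:
        return None  # exact match is the genuine domain
    for good in trusted:
        if skeleton(cand) == skeleton(good):
            return good, "homoglyph"
    for good in trusted:
        if osa_distance(cand, good) <= max_distance:
            return good, "typo"
    return None


if __name__ == "__main__":
    # Constructed sender/registration feed, using the names from this entry.
    for name in ["supplier.com", "supp1ier.com", "payypal.com",
                 "amazoon.co.uk", "goggle.com", "paypa1.com", "example.org"]:
        print(f"{name:16} -> {classify(name)}")
```

Short trusted names can sit within one edit of unrelated legitimate domains, so treat a hit as a candidate for review rather than a verdict.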
Examples
- A user types 'paypa1.com' instead of 'paypal.com' and reaches a login page that harvests their credentials.