Typosquatting - what it is, telltale signs, and how to avoid look-alike sites

Typosquatting

What it is

Typosquatting is when scammers make look-alike websites based on common typing mistakes (like gooogle.com or micr0soft.com). If you mistype a URL or tap a tricky link, you land on the fake site that copies the real one to fool you into logging in, paying, or downloading “updates.”

Why it matters

These copycat sites can steal your passwords and card details or install malware. One quick typo can hand over your main account.

How it works - quick tour

  • Register: scammers buy domains with swapped/extra letters or different endings (.co vs .com).

  • Clone: they copy the real site’s logo and layout.

  • Lure: links in emails, DMs, ads, or autocomplete mistakes send you there.

  • Take: fake logins or “downloads” grab your data or infect your device.

Red flags

  • The web address is close but not exact (extra letters, numbers instead of letters).

  • No padlock (HTTPS) or a certificate that looks random.

  • Pop-ups yelling “update now,” “verify,” or “download a codec.”

  • Prices or offers that are way better than the real site.

Do it right

  • Type important sites yourself or use bookmarks.

  • Check the full address bar before entering a password.

  • Use a password manager - it won’t autofill on the wrong site.

  • Keep your browser and security app updated and report look-alike domains when you see them.

    Glossary (A–Z)

    All A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

      • Related Articles

      • Phishing

        What it is Phishing is a scam where someone pretends to be a trusted person or service to trick you into giving up passwords, card numbers, or other sensitive data. It shows up in email, texts, social DMs, and look-alike websites. For a quick ...

      • Web Protection

        What it is Web protection is a bundle of tools and settings that keep you safer while you browse. It blocks dangerous sites and downloads, warns about fake logins, filters sketchy links, and helps keep your info private. It can run on your device ...

      • Web Cache Poisoning

        What it is Web cache poisoning is when attackers sneak bad content into a website’s cache. The cache is a “shortcut” server use to make pages load faster for everyone. If it’s poisoned, later visitors get the attacker’s fake version instead of the ...

      • Security Software

        What it is Security software is a set of apps and services that protect your devices and data from hackers, malware, and mistakes. It covers tools like antivirus/anti-malware, firewalls, VPNs, email and web filters, intrusion detection/prevention, ...

      • Data Execution Prevention

        What it is Data Execution Prevention (DEP) is a Windows safety net that stops code from running in places it shouldn’t—like the stack or heap. If malware tries to execute from those memory areas, Windows blocks it and shuts the app down instead of ...