Your IP: Unknown · Your Status: ProtectedUnprotectedUnknown


(also URL hijacking, sting site, fake URL)

Typosquatting definition

A social engineering attack involving a fake website that the victim accesses by mistyping a URL. The fake website is usually made to look identical to its legitimate counterpart and is registered under a similar domain. Typosquatting websites may run scripts to infect the victim’s browser, trick them into downloading malware, or steal their credentials.

Typosquatting is a form of cybersquatting. Because typosquatting can cause severe damage to a brand’s reputation, major corporations and famous celebrities actively hunt for and take down typosquatted domains.

Real typosquatting examples

  • Redirected YouTube users to a malicious website that tried to trick them into downloading malware
  • Fake version of the (a browser-based game) website with jumpscares
  • Tried to steal AirFrance’s online traffic and sell its customers discount fares

Stopping typosquatting

  • Double-check the URL before you press “Enter.” If you’re not sure about the spelling, use Google or another search engine to find the legitimate site.
  • Bookmark your favorite websites. By accessing websites from your saved addresses, you won’t need to type the URL every time.
  • Never click on suspicious links in emails. Always hover over a link to see where it leads and double-check the URL.
  • Use NordVPN’s Threat Protection feature. Once enabled, it will warn you if you’re about to enter malicious websites, including typosquatted domains.

Further reading

Ultimate digital security

We value your privacy

This website uses cookies to provide you with a safer and more personalized experience. By accepting, you agree to the use of cookies for ads and analytics, in line with our Cookie Policy.