Probability we all mistyped some addresses at least once in our life, but sometimes this can cost us more than we imagined. Security researchers have found out that if you mistype “.com” as “.om” in the next minute you will overwhelmed by malicious sites that will require you to install malware in your computer or any other digital device. This new trend is called “typosquatting” and it is present in more than 300 famous sites.
One of the employees of the company Endgame mistyped www.netflix.om instead of www.netflix.com and took him to a website full alerts suggesting to update the Adobe Flash software several times. Noticing on time this scam would harm them, the company retired immediately. The company hypothesis is that the scam is less probable to be limited just to Netflix. They were lucky, but there are still thousands of people that fall in this trap. Next time, pay more attention on this scams.
From a research Endgame noticed the scam is focused on major companies, especially Mac and Windows users. How the scam happens? They simply register their names with the .com domain.
Users must be in alert because according to Endgame this is going to expand to out websites.
What is .om domain and how you can avoid being harmed?
.OM domain is a ccTLD for Oman and it’s not very difficult to register a site with this domain, according to Endgame. Endgame recorded two domain names with .om, with a two months waiting period, which could have been speed up with an additional fee. With one in progress, the next one was not so lucky, the registrar asking for an evidence of the brand association the company asked to represent.
Endgame affirmed that:
“As we detailed, hundreds of malicious domains clearly not associated with the targeted brand have recently been registered. It is highly unlikely that purchasers had proof of ownership.”
To avoid this situation to happen you have to withstand to this need of clicking the pop-up that downloads the software, therefore the OS X malware called Genieo. When users accept it, the software is downloaded and installed with extensions attached to browsers such as Chrome and Firefox. All the ads, pop-ups and sharewares intend to terrify you to install false anti-virus software and like them. Remember nothing installs by itself, so don’t do that.
Another way businesses can avoid this harm is to register their brand names with the extension .om and thus stopping “”typosquatters” to take advantage.
Check the full list of false .om domain sites and pay attention to avoid this scam happens to you, too.