Is Your WordPress Site Exposed to Typosquatting?

July 2020

Typosquatting

Typosquatting is an easy attack that poses an extinction-level threat to your reputation. Also called URL hijacking, a sting site, or a fake URL, typosquatting is a form of cybersquatting that relies on user mistakes such as typos. The most basic example is when a hacker buys a domain very similar to yours. For example, your website is facebook.com, and a hacker buys the domain `facebookk.com`. They are hoping that users accidentally type an extra `k`, land on the hacker's website, and incorrectly believe they safely made it to yours.

Here are a few examples for `facebook.com`. Warning!!! Do not visit these domains unless you want to be subjected to a possible hack.

  • `facebookk.com`
  • `facebook.co`
  • `faceboko.com`
  • `facebooks.com`

The Numbers

A recent study by the cybersecurity company Sophos Labs found that roughly 2.7 percent of the 15,000 domain names probed directed users to websites associated with some form of cybercrime, including hacking, phishing, online fraud, or spamming. 2.7% doesn't sound like a lot at first, but that figure covers only 15,000 domains. There are currently over 360 million registered domains, and 2.7% of 360 million is a lot of spam and hacking.

Cybersecurity researcher Brian Krebs reported a network of over 1000 domains for major brands using the suffix .cm, the country suffix for Cameroon. This included big names such as Hulu and Netflix. Some of these sites generated nearly 12 million visits over a three-month period. That is a huge opportunity for a hacker: being just one letter off translates into millions of visits to spam pages.

The Damage

It seems that with this type of attack all of the damage would be inflicted on the user. They went to the wrong website, so it's their problem, right? Wrong. Another very damaging tactic these spoof websites use is copying your login process. A user mistakenly goes to the hacker's website and tries to log in with their credentials for your website; the spoof website saves those credentials and now has direct access to your system.

About 50 percent of respondents in a recent study admitted they use the same passwords for personal and work accounts, and 65 percent of respondents use the same credentials for most or all of their accounts. If your website is not only breached itself but is also the root leak behind other data breaches, your branding and customer sentiment are going to crash through the floor. Say goodbye to that business.

The Solution

The best defense is a good offense in this case. The best protection against typosquatting is to buy as many similar or related domain names as possible. It is extremely difficult for a WordPress website to acquire every possible variation, and it would be fairly costly to do so, but buying the most obvious spoof domains is a small investment that hedges a large risk.

Another valuable tool of defense is education and training. As with almost all cyber risks, educating and training your user base and employees to recognize incorrect links is very valuable. If you have an employee base, consider this training tip for overall security. Email phishing is a similar tactic hackers use that relies on a lack of user attention. Employees need to be able to tell a good URL from a bad URL.

Recap:

  • Acquire the obvious spoof domains as a solid, yet minor, investment
  • Train your user base and employees to tell good URLs from bad URLs

Domain names are a sizable part of a company's attack surface. WordPress websites or individuals who ignore and do not monitor their own presence on the internet are exposed to more risk.
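Monitoring your own presence starts with knowing which look-alike names exist. The following is an added example, not code from the original post, that generates the obvious typo variants of a domain you own (doubled letter, dropped TLD letter, swapped or omitted letters, plural form) so you can check which are registered or worth buying defensively. It uses only the Python standard library and assumes a plain `name.tld` domain.

```python
"""Generate the obvious typo variants of a domain you own, so you can
check which are already registered by someone else or worth buying."""


def typo_variants(domain):
    """Return the set of look-alike domains built from the patterns
    discussed above. Assumes a two-label domain such as facebook.com."""
    name, _, tld = domain.rpartition(".")
    variants = set()

    # Doubled letter, e.g. facebook.com -> facebookk.com
    for i in range(len(name)):
        variants.add(f"{name[:i + 1]}{name[i]}{name[i + 1:]}.{tld}")

    # One letter dropped from the TLD, e.g. .com -> .co or .cm
    if len(tld) > 2:
        for i in range(len(tld)):
            variants.add(f"{name}.{tld[:i]}{tld[i + 1:]}")

    # Adjacent letters transposed, e.g. facebook.com -> faceboko.com
    for i in range(len(name) - 1):
        swapped = name[:i] + name[i + 1] + name[i] + name[i + 2:]
        variants.add(f"{swapped}.{tld}")

    # Plural form, e.g. facebook.com -> facebooks.com
    variants.add(f"{name}s.{tld}")

    # One letter omitted from the name, e.g. facebook.com -> faceook.com
    for i in range(len(name)):
        variants.add(f"{name[:i]}{name[i + 1:]}.{tld}")

    variants.discard(domain)  # a transposition of equal letters is a no-op
    return variants


if __name__ == "__main__":
    # Constructed example using the domain discussed in the article.
    for candidate in sorted(typo_variants("facebook.com")):
        print(candidate)
```

Feed the printed list to your registrar's availability check or a WHOIS lookup to see which variants are already taken.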
