Next time you click on a link online, read the spelling of the URL more than once. Typo-squatting (a minor change in a URL through text characters) has become a new method for hackers to infiltrate systems, especially when Internet users are conducting financial transactions online.

Typo-squatting explained

Hackers use double characters (ll, tt), or insert a small word in the middle to make it look like the original address. They are also found to be inserting characters like i, l, r, t and s so as to mislead users, and even go as far as tinkering with the TLDs (top level domain names), by using .co for a .com.

This is a very simple method used by hackers. Since the URL is not visually widened or lengthened, it is not difficult to deceive users.

Increase in cyber-crime

US-based Internet security solutions firm Websense Security Labs found that incidences of typo-squatting have increased. It is said to be one of the top methods employed by hackers to attack systems.

“While it may seem an antiquated methodology, the application of typo-squatting has evolved into successful fraudulent incidents generating millions of dollars in financial losses and operational overhead,” the firm has said in its latest report.

“When comparing more than 20 industries, financial services are ranked as one of the most targeted industries. These attacks are often combined with social engineering tactics via email to compromise hosts or to manipulate users to instigate an action, such as initiating an invoice payment or wire transfer,” the report said.

comment COMMENT NOW