Cybersecurity Insight

Typosquatting Attacks Hit Poor Spellers

18 Mar

Typosquatting has been around for quite some time. It preys on those who omit a letter or misspell the intended URL: the user is redirected to a suspicious website with solely malicious intentions. Typosquatting attacks ultimately lead to adware or malware attacks, and it is a concerning trend that one wrong letter or misspelling could land you, and your data, in hot water.

Recently, a unique form of typosquatting has cropped up and tech firms are buzzing. In a case first reported by Endgame, the hackers use the site “Netflix.om” as a redirect for users who simply wanted to go to “Netflix.com”. The .om suffix is the country code top-level domain for Oman; however, this variation was used with the sole purpose of steering people away from their intended target. The website itself could be in direct competition with the site the user originally meant to visit, only this time the architects want to steal payment and identity information. Or, after being redirected a few times, the user could land on a “Flash Updater” site imploring the immediate installation of this program.

The end result is the adware Genieo infiltrating the user’s computer. It’s a common adware for Mac users and could eventually spread beyond OS X systems and on to others. Genieo may also be taking on a new name; recently, the Malwarebytes blog The Safe Mac described coming across a new format called InKeepr. While it may be taking Genieo’s place, it’s too early to tell, and there are still plenty of variations of Genieo out there to keep hackers busy and happy for some time.

So what are the next steps? Mac users can rest assured that Apple is constantly updating signatures and adding new adware attacks as quickly as possible. On the ground level – in a company setting, specifically – it’s all about employees exercising their due diligence. Spelling mistakes happen – we’re all human – but knowing to immediately leave what might be a compromised site before any interaction occurs is key. Use both internal and external resources to constantly educate employees company-wide about safe Internet usage; new cyber attacks are created every day and everyone needs to stay as informed as possible in order to keep their protected data safe.
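
Employee awareness can be backed by a check on the company's own proxy or DNS logs. The following is an added example, not code from Endgame or any vendor named above: it flags requested hostnames that are a one-letter omission of a watched domain, which covers the “.com” typed as “.om” case. The watch list, log format and addresses are assumptions constructed for the illustration.

```python
# Added example: flag requested hostnames that are a one-letter omission
# of a domain the organisation cares about (e.g. ".com" typed as ".om").

# Assumption: watch list chosen for this example, not taken from the article.
PROTECTED = {"netflix.com", "example.com"}

# Constructed proxy log lines: "<timestamp> <client> <requested host>".
SAMPLE_LOG = """\
2024-01-01T09:01:12Z 192.0.2.5 netflix.com
2024-01-01T09:01:40Z 192.0.2.7 Netflix.om
2024-01-01T09:02:03Z 192.0.2.9 www.netfix.com:443
2024-01-01T09:02:30Z 192.0.2.5 example.org
"""


def build_index(protected):
    """Map every one-character-omission variant to the domain it imitates."""
    index = {}
    for domain in sorted(protected):
        for i in range(len(domain)):
            typo = domain[:i] + domain[i + 1:]
            # Keep only variants that are still a name followed by a TLD.
            if typo in protected or "." not in typo:
                continue
            if typo.startswith(".") or typo.endswith("."):
                continue
            index.setdefault(typo, domain)
    return index


def scan(log_text, protected=PROTECTED):
    """Return (client, requested host, intended domain) for suspected typos."""
    index = build_index(protected)
    findings = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # skip malformed lines
        _, client, raw_host = fields
        # Normalise case, drop any port and trailing dot.
        host = raw_host.lower().split(":")[0].rstrip(".")
        labels = host.split(".")
        # Check the host and each parent domain, so "www.<typo>" also matches.
        for i in range(len(labels) - 1):
            intended = index.get(".".join(labels[i:]))
            if intended:
                findings.append((client, host, intended))
                break
    return findings
```

A hit only means the name is one keystroke away from a watched domain; whether the site behind it is hostile still has to be confirmed before blocking.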