All Collections
UpGuard BreachSight
What is UpGuard's typosquatting module?
What is UpGuard's typosquatting module?

Learn more about what our typosquatting module does, and how it works.

Abi Tyas Tunggal avatar
Written by Abi Tyas Tunggal
Updated over a week ago

UpGuard's Typosquatting module helps you monitor cybersecurity risks related to typosquatting. 

The Typosquatting module lets you choose the domains you want to monitor and identifies permutations of those domains that are at risk of typosquatting. 

If you've purchased this module, your main domain will be monitored by default once the Typosquatting module is activated.

The Typosquatting module will then identify permutations of your domain name that could be used to impersonate your brand. Various strategies are used to create lookalike domains, like omitting a character, replacing a character, or swapping a character for that appears similar. You can gauge the liveliness of a similar domain by characteristics like whether it has been registered, how long ago it was registered, and the presence of DNS records.

What is typosquatting?

Typosquatting is a form of cybersquatting where someone buys a similar domain name to those owned by your brand or copyright and targets Internet users who incorrectly type in a website address into their web browser, rather than using a search engine. Typosquatting is also known as URL hijacking, domain mimicry, a sting site, or a fake URL.

The typosquatted domain owner may redirect traffic to a different URL, show ads, or simply park the domain with the hope that the brand buys the domain from them.

  • Bait and switch: The site is trying to sell you something you may have bought at the correct URL and then not sending you the item

  • Domain parking: The owner of a parked domain may try to sell you the domain for a price that increases as your business grows

  • Imitators: The website passes itself off as the real location to perform a phishing attack

  • Joke site: The site makes fun of the trademark or brand name

  • Related search results listing: Owner uses traffic that was meant for the real site to drive traffic to competitors, charging them on a cost-per-click basis

  • Surveys and giveaways: Site pretends like they're interested in feedback from the real site's customer to try get access to sensitive information

  • Monetize traffic: Owner puts up advertisements or popups to generate advertising revenue from direct navigation misspellings

  • Affiliate links: Site redirects traffic back to the brand through an affiliate link, earning a commission for each real purchase through the brand's affiliate program

  • Install malware: To infect or generate revenue from adware

  • Phishing: Attempt to gain personal data, login credentials or emails

Related Articles

Did this answer your question?