How many times have you typed in the wrong domain name? Maybe you meant to type “.com” but ended up with “.co”, or maybe you typed an extra letter in the URL and have been redirected to a different website. This is also how phishing attacks work where users are sent to websites where their URLs appear similar to the legit website, thus tricking some users into thinking it is the real deal.
That being said, security firm Endgame (via Gizmodo) has recently discovered a new malware that capitalizes on typos in URLs. The firm has found more than 300 popular .com domain names that have been registered in Oman, where the top level domain ends with .om. This means that if you were to surf to Netflix.om due to a typo, you will be directed to a page that will attempt to install an OS X malware on your computer.
The malware appears to be an adware which can be pretty annoying. However the upside is that it will disguise itself as an Adobe Flash update, meaning that you still need to give your permission for it to install itself. By then hopefully you guys would have figured out that it is a fake/wrong website and will skip the update.
This kind of attack is known as typosquatting and according to Endgame, most large companies should already have some kind of mitigation strategy in place, but either way do keep an eye on the URLs you type in the future if you want to avoid such problems in the future.
. Read more about