What Is Typosquatting?

Typosquatting is a subset of a cyber attack on an individual or a business. A person will usually create a website URL that is similar to an already registered domain name, in an effort to lure individuals to the forged website. This allows an individual’s personal information to be stolen. The most common ways in which this occurs is when someone misspells a website URL when typing it into their browser. They are then led to this fake website thinking it is the real one.

How does Typosquatting occur?

There are a variety of different ways that typosquatting can occur to. These are all things that you should be vigilant of. For example:

Different spelling

Fake domain names can use an alternative method of spelling the website URL. For example, instead of “lawpath.com.au“, someone can create a fake website spelled “laawpath.com.au”. An individual searching for the real Lawpath website may not even realise the typo they have made.

Common brands

For more popular brands such as Apple or Nike, there can be alternate decoy websites created as well. This means that an individual is buying products from a fake website, thinking they are buying genuine brands.


Another way typosquatting occurs is when there is a hyphen in an already normal looking website URL. A lot of websites have a hyphen in their name which can detract from its authenticity. For instance, a fake website may have a hyphen such as “law-path.com.au”

Domain extension

Typosquatting can also occur if someone creates a website with a fake domain extension. This is when the URL ends in .org or .com but is changed to lead a person to believe it is a real website.

What does it do?

There are a number of things falling victim to typosquatting can do. This type of cyber attack can have a negative impact on both individuals and businesses. Firstly, it enables malware and other types of cyber-attacks to occur. These cyber attacks attempt to cause data breaches for customers and businesses. Secondly, as a result of these fake domain websites, the real businesses lose money. Thirdly, an individual’s personal data such as credit card information, passwords etc are stolen and used. Overall, it is a type of cyber attack that relies on someone who is likely to not check their spelling or authenticity of a website.

How can you protect yourself/your business?

The auDA is the agency that takes care of the Domain Name System specifically for the “.au” domain. Accordingly, the auDA has made a Prohibition on Misspellings Policy which was implemented in 2008 to prevent the practice of typosquatting. You can lodge a complaint with the auDA and they will investigate the situation for you. Furthermore, the Australian Cyber Security Centre has information on Domain Name System Security for Domain Owners. Its purpose is to shed light on how people can abuse the domain names through practices such as typosquatting. If you are a domain owner, you should be aware of any false websites that are using your domain. Additionally, you must report them the second you are aware. If you own a business, it may be worthwhile to protect yourself by getting cyber insurance. Further, click here to find out how to can make your business cyber safe.

Concluding thoughts

To conclude, typosquatting is a type of cyber attack that uses domains similar to active domains to create a fake website to lure people into it. As such practices will probably continue to occur, it is important for individuals and business owners to remain vigilant. Precautions should be taken when using a website and domain owners should be active in looking for any decoy websites under their domain name.

Most Popular Articles
You may also like
Recent Articles

Get the latest news

By clicking on 'Sign up to our newsletter' you are agreeing to the Lawpath Terms & Conditions


Register for our free live webinar today!

Tax Strategies for Small Business Success

12:00pm AEDT
Thursday 25th July 2024

By clicking on 'Register for webinar' you are agreeing to the Lawpath Terms & Conditions

You may also like

The 2024 Federal Budget has unveiled a comprehensive package of measures designed to support small to medium enterprises (SMEs) in Australia, while also laying the groundwork for a "Future Made in Australia."
Default interest clauses can help protect lenders' interests, but sometimes they will not be enforceable. Find out more here.
Lying on your resume to get a job is never a good idea. In fact obtaining employment through fraud can actually land you in jail.

Thank you!

Your registration is confirmed. Keep an eye on your inbox for an email with details on how to watch the webinar.