BEWARE OF FAKE WEBSITES!
Be careful the next time you try to visit a website by typing the URL into the address bar of your browser – you might land on a website hosting ads for scam products, or worse, a website designed for phishing or hosting malware. And that is called typosquatting.
“Typosquatting” is when a crook or scammer registers misspelled domain names (think faceboook or goggle) in the hope of stealing traffic from those legitimate sites for nefarious purposes.
The typosquatter's URL will usually be one of four kinds, all similar to the victim site address (e.g. example.com):
A common misspelling, or foreign language spelling, of the intended site: exemple.com
A misspelling based on typos: examlpe.com
A differently phrased domain name: examples.com
A different top-level domain: example.org
An abuse of the Country Code Top-Level Domain (ccTLD): example.cm by using .cm, example.co by using .co, or example.om by using .om. A person leaving out a letter in .com in error could arrive at the fake URL's website.
Once in the typosquatter's site, the user may also be tricked into thinking that they are in fact in the real site; through the use of copied or similar logos, website layouts or content.
There are several different reasons for typosquatters buying a typo domain:
In order to try to sell the typo domain back to the brand owner
To monetize the domain through advertising revenues from direct navigation misspellings of the intended domain
To redirect the typo-traffic to a competitor
To redirect the typo-traffic back to the brand itself, but through an affiliate link, thus earning commissions from the brand owner's affiliate program.
As a phishing scheme to mimic the brand's site, while intercepting passwords which the visitor enters unsuspectingly[2]
To install drive-by malware or revenue generating adware onto the visitors' devices
To harvest misaddressed e-mail messages mistakenly sent to the typo domain
To block malevolent use of the typo domain by others
To express an opinion that is different from the intended website's opinion
Scammers can send you email with masked-web address leading you to a site that might look like the one you know. If you eventually try to login in on fake site, you will end up submitting your login details or credentials of the original site to them. And they can use it to login to the original site. Instead, of login in through a redirect you don't trust, type the web address by yourself and be sure.
Also, do not use the same username and password for different accounts you own on different websites.
