Typosquatting

From Cognitive Attack Taxonomy

Short Description: Attacker substitutes similar-looking characters in the URL to direct the target to an unintended site.

CAT ID: CAT-2022-030

Layer: 8

Operational Scale: Tactical

Level of Maturity: Observed in the Wild

Category: TTP

Subcategory:

Also Known As:

Description:

Brief Description:

Closely Related Concepts:

Mechanism:

Multipliers:

Detailed Description: Attacker substitutes similar-looking characters in the URL to direct the target to an unintended website. The technique exploits attentional blindness, with the intention that the target will not notice the wrong characters.

This tactic exploits user attentional limitations by deliberately misspelling a web address. Threat actors may substitute characters in the address, such as replacing the letter "o" with the number 0, as in AMAZ0N.COM for AMAZON.COM. Other variants include changing the order of letters, as in social-engenier.com for social-engineer.com, or using alternate top-level domains (TLDs), such as amazon.cn for amazon.com.
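A defender can check observed domains (from proxy logs, mail links or new-registration feeds) against a watchlist for the three variants described above. The following is an added example, not part of the taxonomy entry; the function names, the small look-alike map and the two-label domain handling are assumptions, and letter reordering is generalized to any rearrangement of the same characters.

```python
# Added example: classify a domain against a watchlist of protected domains.
# Assumption: a small, non-exhaustive map of digits that resemble letters.
LOOKALIKES = str.maketrans({"0": "o", "1": "l", "3": "e", "5": "s"})

# Protected domains, taken from the examples in the description above.
WATCHLIST = ["amazon.com", "social-engineer.com"]


def split_domain(domain):
    """Split a two-label domain into (name, tld), case-insensitively.

    Assumption: inputs look like 'name.tld'. Multi-label suffixes such as
    'co.uk' would need a public suffix list, which this sketch omits.
    """
    name, _, tld = domain.lower().strip(".").rpartition(".")
    return name, tld


def classify(candidate, watchlist=WATCHLIST):
    """Return (variant, protected_domain), or (None, None) if nothing matches."""
    c_name, c_tld = split_domain(candidate)
    parsed = [(legit, *split_domain(legit)) for legit in watchlist]

    # An exact match on any protected domain is not a squat.
    for legit, l_name, l_tld in parsed:
        if (c_name, c_tld) == (l_name, l_tld):
            return ("legitimate", legit)

    for legit, l_name, l_tld in parsed:
        # Variant 3: same name registered under a different TLD.
        if c_name == l_name:
            return ("alternate-tld", legit)
        if c_tld != l_tld:
            continue
        # Variant 1: names are equal once look-alike digits are folded to letters.
        if c_name.translate(LOOKALIKES) == l_name.translate(LOOKALIKES):
            return ("character-substitution", legit)
        # Variant 2: same characters in a different order.
        if sorted(c_name) == sorted(l_name):
            return ("letter-reordering", legit)
    return (None, None)


if __name__ == "__main__":
    # Constructed sample input built from the domains named in the description.
    for seen in ["AMAZ0N.COM", "social-engenier.com", "amazon.cn", "amazon.com"]:
        print(seen, "->", classify(seen))
```

A match is a triage signal for review or blocking; it does not by itself establish that a domain is malicious.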

INTERACTIONS [VETs]:

Examples:

Use Case Example(s):

Example(s) From The Wild:

Comments:

References: