What is ?
The newest cybercrime to watch out for is . It’s also called . It’s when hackers buy names that are just slightly misspelled from their real counterparts. Fraudsters build a completely under the they bought, tricking unsuspecting visitors into giving up sensitive information.
Visitors end up at the in one of two ways:
- They make a typo when trying to visit a . For example, they type www.goggle.com vs www.google.com into their .
- They’re directed to the by a scam. For example, they receive a fake email from their “bank”, stating something like their account is locked or asking them to confirm a large purchase. The email is fake and the links in it go to the .
Fraudsters go as far as copying the ‘s look and feel. They’ll steal logos, match colors, and even build the site so it looks like the . Their goal is to steal your , bank account login, or credit card information.
How Does Happen?
People get scammed because of human error. Here’s how you could end up on a due to .
Typing the Name Wrong
It’s easy to misspell a , especially if you’re in a hurry. If you rely on auto correct or aren’t paying attention, you can easily visit www.facebok.com instead of www.facebook.com. You missed the second “o.”
If you’re trying to visit a company’s , but their name isn’t spelled the way it usually is in everyday English, you may end up on a . Some businesses are aware of this and buy the alternate names before the scammers can get to it. Then, they redirect you to their correct .
- For example, someone might type www.pintrest.com versus www.pinterest.com, not realizing there’s actually an extra “e”.
Domains with a Dash or Hyphen
A lot of companies will use dashes or hyphens in their .
- For example, www.chick-fil-a.com uses two dashes. Fraudsters might register www.chick-fila.com, hoping consumers won’t recognize the missing dash.
By omitting the second hyphen, it’s the wrong , even though it’s the right business name. That makes it an easy takeover. When users get to the , scammers will use it to install or carry out scams.
With all of the different , it’s easy to see how you could fall victim to . There’s .com, .org, .net, .edu, and more. Different countries even have their own. The UK uses .uk. Canadian websites typically use .cn. Australia uses .au. With the myriad of extensions, it’s difficult to know which one is correct. Most of the time, the business or company will buy their with all of the possible endings. Then, if someone types in .com instead of .org, it will reroute to the proper site.
- For example, Money Credit Union’s is www.moneyfcu.org. However, we also own multiple other endings and spellings. So, if someone mistakenly types in www.moneyfcu.com, it will redirect them to our . However, if we didn’t buy all of the other endings, the could easily fool someone. from a business standpoint is vitally important.
How Do Scammers Use the Fake Site?
use the fake site to steal your login information and personal data with a . For example, if the is a bank or credit card company, the scammers will imitate the . This way, they hope a visitor will unknowingly type their credentials into the . Then, the criminals can use that information to hack into your accounts for . If you use the same login information across multiple sites, you’re at risk of a complete .
Making Money From Advertisements
create ads or pop-ups on the site to lure visitors into clicking on them. They make money from you clicking on the fake ads on their .
Always be careful when something online is touted as “free.” It’s not usually free. And, if it sounds too good to be true, it probably is. The may have a survey or form to fill out in order to claim your “prize.” In reality, the scammers are trying to commit identity theft by obtaining your .
If you accidentally visit a malicious , it can infect your device with . is invasive software that is meant to harm computers, smartphones, tablets, and even servers with . Examples of common are viruses, worms, Trojan viruses, spyware, adware, and ransomware. use it to extract sensitive information or hold information hostage. They basically launch an on your device.
How Can You Protect Yourself from ?
- Slow down when you’re typing in a web address – double-check that you spelled it correctly.
- Don’t click anything in an unexpected email or text, especially if it’s asking you to confirm a charge or claiming your account is locked.
- Don’t buy things off social media. If you’re interested in a product, try and find it from a well-known retailer instead.
- Bookmark you visit regularly so you don’t have to type in the URL every time.
- Check that the site is secure – it should start with https:
We’re Here to Help
If you get a suspicious email or text claiming to be from the Credit Union, don’t respond. Call us directly at (315) 671-4000 and tell us about it. We would know if there’s an actual issue with your account or debit card.
If you did enter your into a you think was malicious, contact us immediately. We can freeze your account and debit card while we figure out if it was fraud or not.
is just the next way scammers are targeting consumers. Our motto is ABC. Always Be Cautious. Be a smart . are getting easier to fabricate, so you can never be too careful.
Our team is available M-F, 9am-4pm, ET. Call, chat, or text us. (315) 671-4000.