This Is How Scammers Are Using Our Atrocious Spelling Skills Against Us

Hands Writing On Touch Screen Device Keyboard With Shallow Focus And Blurry Lights Behind
ivanmollov/Getty Images

ScoreCard Research

Fingers are stupid. Let’s just admit that right now.

We’ve all done it — jumped online and started typing in our web browsers, only to flub the spelling of the website we want. Instead of Netflix.com we got Neltfix.com. We meant to type Walmart.com but ended up with Walmrat.com.

It’s easy to do.

Most of the time, you’ll end up at an error page or maybe even get rerouted to the correct page. But NBC Nightly News is now reporting that you may end up getting scammed.

Typosquatting Is a Thing, and It Could Rip You Off

Typosquatting — sometimes known as URL hijacking — is when a person creates a website using a URL that is very similar to a known, copyrighted brand name. The scammer uses a common typo, such as Costoco.com instead of Costco.com, to lure consumers to a fake website.

We’ve told you in the past about domain squatting, but it’s not quite the same. Domain squatting is when someone creates a website using a common typo in the URL, and they use that domain to get pay-per-view or pay-per-click advertising. It’s not exactly cool, but it’s not illegal, either.

Typosquatters take it a step further. They will set up their webpage to look just like the website you thought you typed in. On NBC Nightly News, one consumer told his tale of getting to the fake Costco site and thinking he was on the correct site. Then, a pop-up told him he could get a product for free if he just paid for shipping and handling. It seemed like a great deal, right?

Nope. Pretty soon, he saw bogus charges of $98 coming out of his bank account over and over.

Typosquatters set up their fake sites just to rip you off or infect your computer with malware. Not cool.

Many companies will spend the money to buy up all the various ways to spell — or misspell —  their website domains to avoid such confusion. Sometimes, though, the bad guys beat them to the punch.

One new study found that 80% of one-letter variants for Google, Facebook and Apple are active typosquatting sites. The more lucrative the website, the more likely it is that typosquatters are out there trying to take advantage of your clumsy fingers.

How to Protect Yourself From Your Own Bad Spelling

The first thing to know is that the little padlock symbol on your URL bar is easily faked, so it’s no guarantee.

So how do you avoid getting scammed? Simply check and double-check your spelling before you put in your credit card or Social Security numbers, or other personal information. Be extra suspicious of any pop-up offers you’re not specifically looking for, especially if they seem too good to be true.

Even those ads at the top of your web search can be fakes to lure you to a scam site. There is some real effort here on the part of scammers. Just be careful before you click, and protect your computer with appropriate virus protection software and firewalls.

Can you imagine if these people used their brainpower for good? Imagine the possibilities…

Tyler Omoth is a senior writer at The Penny Hoarder who loves soaking up the sun and finding creative ways to help others. Catch him on Twitter at @Tyomoth.