Skip to main content

Typosquatting refers to a malicious practice where someone registers domain names that closely resemble popular or legitimate websites, but contain slight typographical errors. The goal of typosquatting is to deceive unsuspecting users who make mistakes while typing a website's URL into their web browser.

For example, if a legitimate website's URL is "," a typosquatter might register a domain like "" or "," which appear similar to the original URL. When users accidentally mistype the URL, they may end up on the typosquatter's website instead of the intended destination.

Typosquatting takes advantage of human error and can be difficult to detect, as the typosquatted domain names often closely resemble the legitimate ones.

Typosquatting can be used for various malicious purposes, such as:

  1. Phishing: The typosquatter's website may be designed to mimic the appearance of the legitimate site, tricking users into entering sensitive information like usernames, passwords, or credit card details.
  2. Malware distribution: Typosquatted websites can be used to distribute malware, such as viruses, spyware, or ransomware, by tricking users into downloading malicious files or clicking on compromised links.
  3. Ad revenue generation: Typosquatters may monetize their websites through deceptive advertising practices. They may display misleading ads, redirect users to other websites, or engage in click fraud to generate revenue.
  4. Directing users from a news site they are familiar with to a similar site where news is written to create disinformation, often as part of a broader strategy. 
    For example, the French agency VIGINUM in June 2023 identified the registration of 355 domains between June 2022 and May 2023 that through the practice of typosquatting replicate French media pages but also media pages of nine other European states. The four French sites involved are 20 Minutes, Le Monde, Le Parisien and Le Figaro, as part of a pro-Russian disinformation operation.