What is typosquatting?

Have you ever searched for a specific website online but somehow ended up on a completely different site? This is known as typosquatting or URL hijacking. Cyber criminals will often register a common misspelled website that appears like a legitimate one to trick people and steal their sensitive information. For instance, instead of going on “google.com” you clicked on a similar option, only it is misspelled with an extra “o” in the word “google”. Entering any information or clicking on links on this website can expose your data to the cyber criminals hosting this typosquatting scam.

While it can be hard to catch, here are some characteristics of typosquatting to be aware of:

  • Typos in website addresses
  • Hyphenated domains
  • Alphanumeric domains (a name that contains both letters and numbers)
  • Using other alphabets or special characters

What is the difference between typosquatting and cybersquatting?

Typosquatting is a form of cybersquatting. Cybersquatting involves a cyber criminal using a registered website domain that presents itself as a completely legitimate website, such as for trademarks or company names. Typosquatting is a type of cybersquatting that resembles an already established URL company domain but with an added and intentional typo. Typosquatting uses the same practices of script spoofing to trick users into thinking their website is legitimate. With users being misled to these dangerous websites, it causes damage to the respected organization’s image. Cyber criminals use phishing techniques to imitate legitimate companies and trick users into accessing their cybersquatted domains to steal users’ sensitive information.

How can I protect myself?

Cyber criminals can target anyone so it’s important to know how to protect yourself online and minimize the risks. You can start by following these tips:

  • Don’t click on unsolicited links from your email, social media accounts or unknown websites
  • Consider enabling a free domain name server (DNS) firewall, such as CIRA Canadian Shield. CIRA Canadian Shield identifies malicious websites and prevents you from accessing them
  • Install anti-virus software to protect your devices and data from malware and other viruses from hijacked domains
  • Bookmark your favourite websites so you can be sure you will have easy access to the correct ones at any given time
  • Navigate websites by using a search engine, rather than clicking on a URL from another web page
  • Hover over hyperlinks carefully to ensure the websites you are accessing are safe. When in doubt, do not click on it!


Even though typosquatting might be a new term for many, it’s a growing cyber threat that is important to be aware of. Navigating the internet is not always easy, but with these tips staying safe can certainly be a little easier!

Report a problem on this page

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Please select all that apply:

Thank you for your help!

You will not receive a reply. For enquiries, please contact us.

Date modified: