Hundreds of these bogus websites expose visitors to computer-infecting viruses, invasive spyware, or data-stealing trojans, according to a FairWinds Partners white paper.
Previous research by FairWinds Partners found that the typographical errors that internet users make while typing in the domain names of popular websites can cost the companies behind those sites millions of dollars in lost revenue and unnecessary advertising fees.
In its most recent investigation, the consulting company found that users are at risk as well. In total, the research found instances of typo domain names that spread malware across the sites of 82 major brands. These include brands like Google, Microsoft, USA Today, the New York Times, AutoTrader.com and Travelocity. In particular, the research discovered that many typo variations of PayPal's domain name, PayPal.com, are used in phishing schemes.
Viruses and other forms of malware on these bogus sites attack in a stealthy and undetectable manner, which leads to low instances of reporting. When a cybercriminal exploits a recognizable brand name to spread malware, it can be even more misleading to Internet users. Instead of making a complaint to the proper authorities, they may direct their anger toward the company in question, the white paper noted.
"People believe what they see on the internet and in emails. If a consumer visits a copycat site hosting malware that looks like it belongs to a legitimate company, he or she is more likely to believe that whatever harm is incurred is the company's fault", said Charles Pavelites of the Internet Crime Complaint Center, a joint effort by the FBI, the National White Collar Crime Center, and the Bureau of Justice Assistance.
"Brand owners must be diligent about enforcing their brands in the domain space and protecting their customers", said Phil Lodico, co-founder and Managing Partner of FairWinds. "This goes beyond protecting against monetary losses; this is about protecting your valued customers and delivering them the best online experience, and protecting your brand equity in the process."