Byte of Prevention Blog

by Jay Reeves |

How to Protect Against Typosquatting and Combosquatting

Just when you thought your law practice was cyber-safe, along comes a slew of new online scams involving typosquatting and combosquatting.

Typosquatting, also called URL hijacking, relies on user mistakes – such as making a simple typographical error when entering a URL into an internet browser – to direct them to a bogus site or deceive them into divulging sensitive information.

Combosquatting is a similar scam in which cybercriminals create fake domains that appear legitimate because they reference actual businesses (ex: with bogus letters or words added.

What would happen to your law practice if you experienced a medical emergency? Who would take care of your clients? What if a key partner dies unexpectedly? What would happen to the firm? If you aren’t sure of the answers to those questions, HELP is available. Lawyers Mutual has assembled a rapid response team to Handle Emergency Legal Problems. Led by our in-house claims attorneys and outside counsel, our team has the training and resources to guide you through difficult professional times. Lawyers Mutual HELP will assess your crisis situation and work with you to craft a workable plan for moving forward. Since 1977, Lawyers Mutual has been there for our insureds and their clients. We have provided professional liability protection for NC lawyers longer than any other insurance company. Want to learn other ways Lawyers Mutual can HELP your practice? Visit our website, give us a call, or drop by our office. You’ll see why Lawyers Mutual is the smart choice for liability coverage in North Carolina.


How to Protect Against Typosquatting

How it works: “It all starts with a malicious actor registering a domain with a deliberately misspelled name of a popular website,” according to cybersecurity expert Marc Dahan. “That augments the chances of internet users inadvertently misspelling the URL themselves (google vs. goggle). And, in the event the user receives the URL to the masquerading site in a phishing email, there’s a good chance that the typo will be too subtle for the user to notice, and they will click the URL.”

What happens when you take the bait: “Once the user clicks the URL, they are brought to the malicious site,” writes Dahan. “The malicious site can typically be one of two things: A copycat site, designed to look like the misspelled site as much as possible. An independent site that doesn’t attempt to mimic another site but is laden with dodgy advertisements and malware.”

How to defend your firm: Consider registering erroneous versions of your domains yourself. Don’t wait for hackers to beat you to it. “Draw up a list of the most apparent misspellings of your domains and register them,” writes Dahan. “It’s also recommended to register other top-level domains (.org, .co, etc), country extensions, alternate spellings, and hyphenated variants for your domains. You can easily have all of these alternate domains redirected to your official website.”


How to Protect Against Combosquatting

How it works: “A threat actor takes a legitimate domain – let’s use companyco.tld and combine another phrase with the domain name to create something like support-companyco.tld,” according to the cybersecurity site Knowbe4. “The use of additional words help establish context for a phishing scam or simply are benign enough to be ignored by recipients. [S]hould the recipient glance at the domain name, it appears to jibe with the phishing campaign’s theming. So, if it’s an attack purporting to be Paypal, using a domain like wwwpaypal-com.[info] with a cursory glance by a non-vigilant user may actually pass muster.”

What are the red flags? “According to Akamai, the use of the term support is most often used – likely as the foundation of an attack aimed at either obtaining credentials or credit card details by convincing the victim that there’s a problem with their account on whatever website the scam is pretending to be from,” writes Knowbe4. “Without it, they will give the sender domain only a cursory glance (and assume it’s legitimate despite how awful the domain name looks), or completely skip checking the sender domain altogether and take them at their word.”

SOURCES: What is Typosquatting? How can you Defend against it? (; ‘Support’ Tops the List of Combosquatted Domains Used in Phishing Attacks (; The Most Common Combosquatting Keyword Is “Support” | Akamai


For close to half a century, Lawyers Mutual has been the smart choice for professional liability coverage for North Carolina attorneys. We cover the state from Murphy to Manteo. We insure large firms, solo practitioners and everyone in between. We help new lawyers enter the profession with confidence, and we help keep seasoned veterans safe and successful. The numbers speak for themselves. Lawyers Mutual has been in business since 1977, making us the only insurance carrier to provide continuous protection over that period. Today we insure more than 8000 lawyers in North Carolina. Most of them will stick with us until they retire. Why? Because they know we are here for them today and will be here tomorrow, bringing protection and peace of mind in turbulent times. Visit our website, give us a call, or ask a colleague why Lawyers Mutual is the smart choice for liability coverage.


Related Posts