The internet has made it easier than ever to mislead people, and this can occur before a user even connects to a website! Social engineers can trick victims using a simple link to a “trusted” website.
A strategy known as pharming refers to when a social engineer redirects victims from a legitimate website to their malicious website instead. This generally involves tampering with DNS information for a computer, a network, or a larger portion of the internet. Pharming can be done by making the name resolution process point to a different IP address. A popular use of this is to harvest banking credentials from unsuspecting victims.
Another strategy used to lure unsuspecting victims onto malicious websites is typosquatting. Typosquatting is when an attacker will register a domain very similar to an existing legitimate website, then wait for people to visit the malicious domain. For example, an attacker might register codeAcademy.com to trick users who are trying to visit codecademy.com. Victims might visit this malicious domain through a mistake as simple as mistyping or misremembering a URL.
If you’re skeptical of this strategy, try finding the differences between these URLs:
kerning.com
vskeming.com
google.com
vsgoggle.com