Anonymous Online Misconduct practice area category
Anonymous Online Misconduct practice area categoryAnonymous Online Misconduct

Be Careful What You Click On

Resources & Self-Education   |   Monday, June 04, 2018
That URL Typo Can Break Your Bank Account

By Karl Kronenberger
Partner, Kronenberger Rosenfeld

It’s an easy mistake to make, and it can be costly.

Click on the wrong link, or type the wrong keystroke and you could end up losing a lot of money, personal data, or be the victim of malware.

In 2017, cybercriminals successfully stole millions of dollars using Google ads that sent unsuspecting users who searched for blockchain products to phishing sites.

They purchased Google ads that spoofed, a major provider of Bitcoin digital wallets. The scammers forwarded victims to sites that had a similar look to the real pages which were under the control of the thieves. At that point, all personal information including passwords to digital wallets was stolen. Cisco’s Talos security group reported that $2 million in bitcoin was stolen in just over three weeks.

The scam was associated with an internet provider in Ukraine. The technique involved using Cyrillic characters to create domain names that look like English letters. Or, with spelling mistakes like “,” and “”

In the case of non-English speakers, who might have difficulty noticing the difference, computers in Ghana, Estonia and Nigeria were found to be visiting the fake Bitcoin sites.

Talos representatives said that Cyrillic characters used to spoof the domain names are almost impossible to detect with the naked eye.

Tips To Avoid Bitcoin Scams
  • Be very careful before clicking on Internet ads, social media posts and emails. Examine the URLs. Hover your mouse icon over the links.
  • Read the domain with care. Scammers use a variety of ways to spoof domains.
  • Use trusted sites like to find out if a link is real.
  • Use a free malware scanner from Sucuri called SiteCheck.
  • Don’t click on links in emails that you did not request. Links claiming to be from Amazon, DHL, Facebook or LinkedIn could be nothing more than phishing attempts.
Typosquatting: When Your Typo Can Be Disastrous

Scammers love typos, especially yours. Anticipating your slip of the finger, they modify popular web addresses by removing a letter. It’s called typosquatting.

Typosquatting is an increasingly popular scamming scheme that dupes Internet users into clicking on what looks like mainstream websites like itunes-dot-cm, espn-dot-cm, and paypal-dot-cm.

Then, they wait. The unsuspecting Internet user makes a keyboard mistake, ending up at what looks just like paypal-dot-com, while the scammer scoops up login, passwords and credit card details. Some scammers even collect two-factor authentication data from victims and, in real time, enter it into the true destination website of the victim.

Scammers are aggressive, persistent and smart. The best way to stay safe is to develop Internet habits that will avoid typosquatting sites.

Tips To Stay Safe From Typosquatters
  • We all make typos. So, instead of navigating directly to your favorite sites, bookmark those sites, especially the ones that contain financial and personal data, or that request login information.
  • Block all dot-cm sites. In 2009, McAfee Inc., reported that dot-cm was the most insecure domain in the world.
  • If you search for a site, don’t include .com.
  • Links in social media posts can be very risky and can lead to typosquatting sites. Before you click on a URL, look for misspelled company names; typos in the domain field; extra text that follows .com; and a .com designation for a government website.
  • Always carefully review the URL before you hit enter. Taking an extra moment could save you tremendous hassles. The losses associated with identity theft are significant. Viruses, malware, and unknowingly purchasing fake goods are constant threats to our internet lives. Be careful before you click.

Our firm can help you if you’ve been a victim of bitcoin spam, phishing, and other forms of illegal cyber attacks. Please contact me directly for help. I look forward to assisting you.

This entry was posted on Monday, June 04, 2018 and is filed under Resources & Self-Education, Internet Law News.

Related articles

Anonymous Online Misconduct
Anonymous Online Misconduct practice area category
Internet Law Firm Succeeds in Dismissing Lawsuit Against

Prominent Internet law firm, Kronenberger Rosenfeld, recently succeeded in dismissing a lawsuit brought against popular Internet message board ProBoards, Inc.The lawsuit, brought by a former...

Read More

Anonymous Online Misconduct
Anonymous Online Misconduct practice area category
Karl Kronenberger Discusses NetJets’ Request to Enforce Oral

NetJets, the world’s largest operator of private jet planes, has requested a federal judge in Columbus, Ohio to dismiss a lawsuit by its pilots’ union...

Read More

Anonymous Online Misconduct
Anonymous Online Misconduct practice area category
Jeff Rosenfeld Gives Warning to Individuals Looking to

In the article, “Christmas is the season for giving…money to scammers?” published by InsideCounsel, Partner Jeff Rosenfeld discusses common charity scams that occur during the...

Read More

Anonymous Online Misconduct
Anonymous Online Misconduct practice area category
Jeffrey Rosenfeld Authors Law360 Article on Ways to

In the Law360 article “Invoice Intercepted: A New Form of Wire Fraud,” Partner Jeffrey Rosenfeld discusses different avenues to avoid becoming a victim of a...

Read More

Open Newsletter Signup Popup