SPECIAL OFFER: Get up to $70 of Bitcoin with your purchase of select Ledger wallets.

Shop now

Up your Web3 game

Ledger Academy Quests

  • Test your knowledge
  • Earn POK NFTs
Play now See all quests

Typosquatting

Mar 25, 2025 | Updated Mar 25, 2025
Typosquatting is a deceptive practice where scammers create nearly identical versions of legitimate websites or crypto addresses to trick users into visiting fake sites or sending funds to the wrong destination.

Typosquatting is a deceptive practice where scammers create nearly identical versions of legitimate websites or crypto addresses to trick users into visiting fake sites or sending funds to the wrong destination.

What Is Typosquatting?

Typosquatting (also called URL hijacking or domain mimicry) is a type of phishing scam where attackers create domains that closely resemble popular websites but contain subtle differences. These fake websites may look identical to the legitimate site but are designed to steal your information or funds.

Some tell-tale signs of scam websites include: 

  • Subtle misspellings, such as an additional character, e.g., gooogle.com vs. google.com 
  • Transposition of characters, e.g., faecbook.com
  • Foreign language spellings
  • Subtle variations of top-level domains (such as .co instead of .com)
  • Plurals of a singular domain name
  • Misleading capitalization, such as capitalizing the letter “i” to replace a lowercase “L” 

If an attacker acquires the victim’s details via such a scam site, they can gain access to the user’s real account and obtain sensitive information, such as banking details, social security numbers, or even crypto account logins.

Typosquatting in Crypto

In the crypto context, typosquatting scams can involve the attacker creating a deceptive Blockchain Naming System (BNS) (such as the Ethereum Name Service (ENS)) domain name to redirect crypto payments into their own addresses. The fake clone can also dupe unwitting users into submitting their credentials, Know Your Customer (KYC) details, or even payment information, which the attacker can then harvest and exploit.

To explain, a BNS makes crypto transactions more convenient by replacing complex cryptographic recipient addresses with human-readable names. However, this opens up another way for typosquatters to take advantage of users, leading to an irreversible transfer of funds to the attacker’s wallet rather than the intended recipient.

How to Protect Yourself

  • Always double-check recipient addresses before sending cryptocurrency
  • Bookmark official websites rather than typing URLs
  • Use official mobile apps from trusted sources
  • Verify the URL carefully before entering your credentials
  • Check transaction history on blockchain explorers before sending to new addresses
  • Consider using hardware wallets for additional security

Remember: Cryptocurrency transactions are irreversible. Once funds are sent to a scammer’s address, they cannot be recovered.

Bid Price

The bid price is the highest price that a buyer is willing to pay for a particular asset, such as a cryptocurrency or stock.

Full definition

Hard Fork

A hard fork is a significant change that permanently splits a blockchain into two different networks when the nodes fail to reach a consensus.

Full definition

Metaverse

A metaverse is a digital or virtual realm containing all the aspects of the real world.

Full definition