HOLIDAY SEASON: Save up to 50% and get up to $90 BTC on the best deals of the year

Shop now

Secure the Best Deals

Black Friday is here

  • Start shopping
  • Save up to 50%
Shop now Learn more

Typosquatting

Mar 25, 2025 | Updated Mar 25, 2025
Typosquatting is a deceptive practice where scammers create nearly identical versions of legitimate websites or crypto addresses to trick users into visiting fake sites or sending funds to the wrong destination.

Typosquatting is a deceptive practice where scammers create nearly identical versions of legitimate websites or crypto addresses to trick users into visiting fake sites or sending funds to the wrong destination.

What Is Typosquatting?

Typosquatting (also called URL hijacking or domain mimicry) is a type of phishing scam where attackers create domains that closely resemble popular websites but contain subtle differences. These fake websites may look identical to the legitimate site but are designed to steal your information or funds.

Some tell-tale signs of scam websites include: 

  • Subtle misspellings, such as an additional character, e.g., gooogle.com vs. google.com 
  • Transposition of characters, e.g., faecbook.com
  • Foreign language spellings
  • Subtle variations of top-level domains (such as .co instead of .com)
  • Plurals of a singular domain name
  • Misleading capitalization, such as capitalizing the letter “i” to replace a lowercase “L” 

If an attacker acquires the victim’s details via such a scam site, they can gain access to the user’s real account and obtain sensitive information, such as banking details, social security numbers, or even crypto account logins.

Typosquatting in Crypto

In the crypto context, typosquatting scams can involve the attacker creating a deceptive Blockchain Naming System (BNS) (such as the Ethereum Name Service (ENS)) domain name to redirect crypto payments into their own addresses. The fake clone can also dupe unwitting users into submitting their credentials, Know Your Customer (KYC) details, or even payment information, which the attacker can then harvest and exploit.

To explain, a BNS makes crypto transactions more convenient by replacing complex cryptographic recipient addresses with human-readable names. However, this opens up another way for typosquatters to take advantage of users, leading to an irreversible transfer of funds to the attacker’s wallet rather than the intended recipient.

How to Protect Yourself

  • Always double-check recipient addresses before sending cryptocurrency
  • Bookmark official websites rather than typing URLs
  • Use official mobile apps from trusted sources
  • Verify the URL carefully before entering your credentials
  • Check transaction history on blockchain explorers before sending to new addresses
  • Consider using hardware wallets for additional security

Remember: Cryptocurrency transactions are irreversible. Once funds are sent to a scammer’s address, they cannot be recovered.

Over-the-Counter

Over-the-counter (OTC) trading refers to trading that is carried out through dealer networks rather than formal exchanges.

Full definition

ERC-20 Tokens

ERC-20 tokens is the technical standard for fungible digital tokens that run only on the Ethereum blockchain network. They are built on smart contracts that keep track of the tokens created on the Ethereum network.

Full definition

Block Header

A block header is the metadata that provides a summary of a block’s content.

Full definition

Own your crypto future

Stay informed with security tips, updates, and exclusive offers from Ledger

Your email address will only be used to send you our newsletter, as well as updates and offers. You can unsubscribe at any time. Learn more

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.