The Typosquatting Protection service protects users from accessing URLs that may be misspelled and, therefore, misrepresented, by typosquatting.
What is Typosquatting?
Typosquatting is a common trick used by hackers to fool users into thinking they are visiting a valid domain, but the domain name is misspelled. When a user clicks on a typosquatted URL, the user is taken to a different domain that may be spoofing the expected domain. The Typosquatting Protection feature checks for common typos in a clicked or manually typed URL domain name. When a typosquatted domain is either clicked or manually miss-typed, the user is directed to a block page that indicates that this may not be the website they believe they are visiting, and provides a link to the legitimate URL, directing the user to the proper website.
For example, if the URL(where the 'i' and 'v' positions are switched in the domain name) appears on a website, or if the user types that URL, the service detects the typo and provides a block page with a link to the valid domain . The user can then click the legitimate link to visit the proper website.
How to Enable Typosquatting Protection
- Log into the Barracuda Web Security Gateway as admin.
- Go to the BLOCK/ACCEPT > Configuration page.
- In the Typosquatting Protection section, set Enable Typosquatting Protection to Yes.
Barracuda Typosquatting Protection works with the Barracuda Web Categorization Service (WCS) to determine misspelled domain names. See Web Use Categories for more information about the Barracuda WCS. If you want to allow any misspelled domains, you can recategorize the domain using the BLOCK/ACCEPT > Custom Categories page.
Typosquatting Block Page
If a user types a URL or clicks a link that is typosquatted, for example: facebookk.com, the Barracuda Web Security Gateway serves the following block page to the user, warning of fraud and providing a link to the correct domain:
How to Customize the Block Page
The administrator can create a custom message for the block page shown above using the tool on the BLOCK/ACCEPT > Block Messages page.
If a domain is reported and blocked for the user as Typosquatted, but the domain is valid, you can recategorize that domain on the BLOCK/ACCEPT > Content Filters page under a category that is allowed. Use the Typosquatting Log report for a list of domains by category that were determined to be typosquatted, by user.