Search engine slip-ups can get you scammed in a flash

All it takes is one key-stroke error, or perhaps one absent-minded click on a link. That’s all they need to pull you into scamland once again. The next thing you know, you’re dealing with an unscrupulous crook intent on getting at your vital private information, or installing malware on your computer or selling you useless “fixes” for your digital ailments.

Many of us have gotten so comfortable with our quick searches that we fail to consider the possibility that scammers are banking on our inattentiveness. The more you take it for granted, the more they can take you to the cleaners for being overly confident.

“Typosquatting”

A new favorite tactic is being used by scammers, often from overseas. Crooks have begun setting up websites that are spelled like well-known sites, but have a typo in them. They will add or subtract a letter from the familiar site’s name, hoping you will not notice the tiny change. The technique is called “typosquatting.”

One example recently reported on the west coast was of an online customer who added an extra “o” to Costco’s site. He was then directed to a site to fill out a survey for a free face cream product. His credit card statement later showed four $98 charges to his account.

The best way to insure that you don’t fall victim to typosquatting is to double check any entry you make into a search engine for a spelling error. Many large companies also register common misspellings of their name so you can still get properly directed to their site. But there are plenty of instances where they may have missed some, as was the case with the Costco incident.

For that reason, once you are on the site that you believe you have searched for, double check to see if it is legitimate. If anything is questionable then repeat your search until you are on the real company website. (Remember also that it is easy for a scammer to make a webpage look legitimate by copying logos and using the same fonts.)

Scammers try typosquatting for several reasons. Sometimes the intent is to sell the domain back to the original brand’s owner. Others may want to work a scam similar to the fake product survey mentioned above. Another scheme is to get the user to input their password for the store site that they mistakenly think they are on. The scammer can then use the password on the legitimate site. They may want to install malware on your digital device.

Online misdirection

An online search for “Microsoft help,” or “Mac help” can bring up several sites that aren’t affiliated with Microsoft or Apple. For that reason, it’s best to look carefully at the sites that your search has turned up. Don’t automatically click on the first one. Carefully read the site’s address and see if you can determine whether it is the site you are looking for.

Remember that sites with grammatical errors or typos are probably not legitimate. They may be scammers from non-English countries.

Scammers also may use phone numbers that are one digit off from the legitimate number you are trying to reach. This is another example of the typosquatting scam that relies on people being in too much of a hurry to pay attention to the details. Be deliberate to avoid being sorry later when it comes to using a search engine.

This story was originally published February 15, 2018 at 4:39 PM with the headline "Search engine slip-ups can get you scammed in a flash."