Typosquatting Scam
Fake websites with URLs similar to legitimate sites (like "arnaz0n.com" or "paypa1.com") designed to steal credentials, distribute malware, or harvest payment info.
1How It Works
How Scammers Make Contact
2Warning Signs & Red Flags
- URL has a typo or looks slightly off
- Login page asks for more info than usual
- Site certificate warning in browser
- Site design is slightly outdated compared to real site
- Prompted to download something unexpected
- URL uses unusual domain extension
- Site found through search ad rather than organic result
- Clicking a link from email lands on unfamiliar domain
3Real-World Example
"I typed 'wellsfagro.com' instead of 'wellsfargo.com' by accident. The site looked identical to Wells Fargo's real site. I logged in before noticing the URL was wrong. The scammers tried to transfer $8,000 out of my account that night. Luckily, Wells Fargo's fraud detection caught it."
— Better Business Bureau Scam Alert
4How to Protect Yourself
- Bookmark important sites rather than typing URLs
- Always check the URL in the address bar before entering credentials
- Look for HTTPS and valid certificates (lock icon)
- Be careful when typing — slow down for important sites
- Use a password manager — it won't autofill on fake sites
- Don't click login links in emails — navigate directly to sites
- Use browser security features that warn about suspicious sites
- Be extra careful with shortened URLs (bit.ly, etc.)
5What To Do If You're a Victim
- 1If you entered credentials, change that password immediately
- 2Change password on any site where you used the same one
- 3Enable 2FA on affected accounts
- 4Run antivirus if you downloaded anything
- 5Monitor accounts for unauthorized access
- 6Report the fake domain to Google Safe Browsing
- 7Report to the legitimate company being impersonated
- 8Report to FTC at ReportFraud.ftc.gov
Report This Scam
?Frequently Asked Questions
What is Typosquatting Scam?
How common is this type of scam?
Can I get my money back?
How do I report this?
Sources & References
Related Scams
AI-Enhanced Phishing
Highly personalized phishing emails written by AI that are more convincing and harder to detect than traditional phishing attempts.
Fake Online Store
Fraudulent e-commerce websites that take your payment but never deliver products, or send counterfeit/inferior goods.
Fake Data Breach Notification
Phishing emails disguised as legitimate data breach notifications that trick you into entering credentials on fake "identity protection" or "password reset" sites.
Think You've Encountered This Scam?
Use our free AI scanner to analyze suspicious messages, websites, or phone numbers.
Scan Now — It's Free