by M. Hasaballa
Every morning, as part of my routine, I like to check my bank account balance on my PC while sipping my coffee. This particular day was different. Instead of clicking on my bookmark, I typed in the bank’s website address: www.ahlebank.com.qa. At first glance, everything seemed normal. I typed in my username and password, only to receive an error message saying “404 Not Found”. I closed the page and tried again, this time using my bookmarked link. But when I logged in, my account balance showed zero, when just the day before I had over $900.
Puzzled, I called the customer service line and spoke to someone who informed me that I had made a withdrawal of $900 just a minute ago. Shocked, I denied it and explained what had happened earlier. The representative suggested speaking to someone from the fraud department, who then said they would investigate and get back to me.
After two weeks, the fraud department reached out to me and said that there was nothing they could do and that they would not return my funds because I had failed to do simple due diligence. I was a victim of typosquatting, a form of cybersquatting.
I had never heard of typosquatting before. The attackers had registered www.ahlebank.com.qa, a domain just one letter away from the bank’s legitimate website, www.ahlibank.com.qa: an “e” where the real name has an “i”. Attackers can cheaply generate many such variations of a popular domain name (a dropped, doubled, swapped, or look-alike letter) and register whichever ones are still available. Anyone who mistypes the address lands on the attacker’s page instead of the real one. That page imitates the legitimate login form, and whatever credentials or other sensitive information the visitor enters go straight to the attackers, who can then use them for fraudulent purposes.
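To show how easily those variations are produced, and how a defender can use the same idea to decide which look-alike names to register or monitor, here is an added example (not code from the original post) that generates typosquatting candidates for a domain and classifies a suspect name against them. It assumes the first label of the domain is the brand label and everything after it is the suffix, uses a QWERTY layout for adjacent-key typos, and limits homoglyphs to ASCII look-alikes; the sample domains are the ones from the story above.

```python
"""Generate and classify typosquatting candidates for a domain name.

Added example, not code from the original post. The categories mirror
the usual permutation classes (omission, transposition, repetition,
vowel swap, adjacent key, homoglyph, hyphenation, insertion).
"""
import string

VOWELS = "aeiou"

# Neighbouring keys on a QWERTY keyboard (assumed layout).
QWERTY_NEIGHBOURS = {
    "q": "wa", "w": "qeas", "e": "wrsd", "r": "etdf", "t": "ryfg",
    "y": "tugh", "u": "yihj", "i": "uojk", "o": "ipkl", "p": "ol",
    "a": "qwsz", "s": "awedxz", "d": "serfcx", "f": "drtgvc",
    "g": "ftyhbv", "h": "gyujnb", "j": "huikmn", "k": "jiolm",
    "l": "kop", "z": "asx", "x": "zsdc", "c": "xdfv", "v": "cfgb",
    "b": "vghn", "n": "bhjm", "m": "njk",
}

# ASCII characters that look alike at a glance.
HOMOGLYPHS = {"i": "l1", "l": "i1", "o": "0", "0": "o", "e": "3",
              "a": "4", "s": "5", "g": "9", "b": "d", "d": "b"}

LABEL_CHARS = set(string.ascii_lowercase + string.digits + "-")


def valid_label(label):
    """DNS label rules: 1-63 chars, alnum or hyphen, no edge hyphens."""
    return (0 < len(label) <= 63 and set(label) <= LABEL_CHARS
            and not label.startswith("-") and not label.endswith("-"))


def split_domain(domain):
    """'ahlibank.com.qa' -> ('ahlibank', 'com.qa').

    Assumption: the first label is the brand label. Real tooling would
    consult the Public Suffix List instead of this naive split.
    """
    label, _, suffix = domain.lower().strip().partition(".")
    return label, suffix


def label_permutations(label):
    """Return (category, candidate) pairs, deduplicated so each candidate
    is reported under the first category that produced it."""
    n = len(label)
    raw = []
    for i in range(n):                       # one character dropped
        raw.append(("omission", label[:i] + label[i + 1:]))
    for i in range(n - 1):                   # two neighbours swapped
        raw.append(("transposition",
                    label[:i] + label[i + 1] + label[i] + label[i + 2:]))
    for i in range(n):                       # sticky key, char doubled
        raw.append(("repetition", label[:i + 1] + label[i:]))
    for i, ch in enumerate(label):           # ahlibank -> ahlebank
        if ch in VOWELS:
            for v in VOWELS:
                if v != ch:
                    raw.append(("vowel-swap", label[:i] + v + label[i + 1:]))
    for i, ch in enumerate(label):           # fat-finger on adjacent key
        for k in QWERTY_NEIGHBOURS.get(ch, ""):
            raw.append(("adjacent-key", label[:i] + k + label[i + 1:]))
    for i, ch in enumerate(label):           # visually similar character
        for h in HOMOGLYPHS.get(ch, ""):
            raw.append(("homoglyph", label[:i] + h + label[i + 1:]))
    for i in range(1, n):                    # ahli-bank
        raw.append(("hyphenation", label[:i] + "-" + label[i:]))
    for i in range(n + 1):                   # one extra letter anywhere
        for ch in string.ascii_lowercase:
            raw.append(("insertion", label[:i] + ch + label[i:]))

    out, seen = [], set()
    for category, cand in raw:
        if cand == label or cand in seen or not valid_label(cand):
            continue
        seen.add(cand)
        out.append((category, cand))
    return out


def typosquat_candidates(domain):
    """Full candidate domains for a brand domain, e.g. 'ahlebank.com.qa'."""
    label, suffix = split_domain(domain)
    return [(cat, f"{cand}.{suffix}" if suffix else cand)
            for cat, cand in label_permutations(label)]


def classify(legit_domain, suspect_domain):
    """Category under which suspect_domain is a typo of legit_domain,
    or None if it is not among the generated candidates."""
    suspect = suspect_domain.lower().strip()
    for cat, cand in typosquat_candidates(legit_domain):
        if cand == suspect:
            return cat
    return None


if __name__ == "__main__":
    cands = typosquat_candidates("ahlibank.com.qa")
    print(f"{len(cands)} candidates for ahlibank.com.qa")
    print("ahlebank.com.qa ->", classify("ahlibank.com.qa", "ahlebank.com.qa"))
```

The candidate list is what a brand owner would feed into a registrar's availability check or a daily WHOIS/passive-DNS watch; `classify` is the cheap check to run against a domain seen in a phishing report to see which typo class it exploits.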
This experience taught me that typosquatting attacks can happen to anyone and can be hard to spot. It’s important to be vigilant and take precautions: bookmark frequently used websites, be cautious of unfamiliar domain names, and double-check the spelling of the domain before entering any sensitive information. A password manager helps here as well, because it only autofills credentials on the exact domain they were saved for, so a login form it refuses to fill is itself a warning sign.