Wikipedia:Reference desk/Archives/Computing/2018 September 3

= September 3 =

Typosquatting
Imagine that someone registers the URL  and then sends phishing emails to Apple customers with a capital "I", i.e. the URL is , but it looks like   in a sans-serif font (AppIe versus Apple). Is this typosquatting, or is it something else? Typosquatting doesn't mention the use of lookalike characters, which if I understand rightly is particularly a major problem with Cyrillic сhагасtегs. Nyttend backup (talk) 13:10, 3 September 2018 (UTC)
 * If you take a look at the typosquatting article, you can see Typosquatting is a form of cybersquatting, and possibly brandjacking which relies on mistakes such as typos made by Internet users when inputting a website address into a web browser. which is not the case of substituting lowercase "L"s with uppercase "i"s. However, the article also mentions Once in the typosquatter's site, the user may also be tricked into thinking that they are in fact in the real site, through the use of copied or similar logos, website layouts or content. Spam emails sometimes make use of typosquatting URLs to trick users into visiting malicious sites that look like a given bank's site, for instance. which kinda suits this situation. IMO, it's not typosquatting.  —AE  ( talk  •  contributions ) 13:14, 3 September 2018 (UTC)
 * Both capital I issues and Cyrillic characters issues would fall under homograph attack or arguably script spoofing. Our article those redirect to, which mentions both examples you cited, is titled IDN homograph attack although exclusively ASCII cases like capital I aren't IDN. BTW, it's linked in the see also of typosquatting. Nil Einne (talk) 06:05, 4 September 2018 (UTC)