Ledger Wallet™ just got a major upgrade.

Take control today

A whole new level of choice, clarity and control

Trade different via Ledger Wallet 4.0

Download now Learn more

Typosquatting

Mar 25, 2025 | Updated Mar 25, 2025
Typosquatting is a deceptive practice where scammers create nearly identical versions of legitimate websites or crypto addresses to trick users into visiting fake sites or sending funds to the wrong destination.

Typosquatting is a deceptive practice where scammers create nearly identical versions of legitimate websites or crypto addresses to trick users into visiting fake sites or sending funds to the wrong destination.

What Is Typosquatting?

Typosquatting (also called URL hijacking or domain mimicry) is a type of phishing scam where attackers create domains that closely resemble popular websites but contain subtle differences. These fake websites may look identical to the legitimate site but are designed to steal your information or funds.

Some tell-tale signs of scam websites include: 

  • Subtle misspellings, such as an additional character, e.g., gooogle.com vs. google.com 
  • Transposition of characters, e.g., faecbook.com
  • Foreign language spellings
  • Subtle variations of top-level domains (such as .co instead of .com)
  • Plurals of a singular domain name
  • Misleading capitalization, such as capitalizing the letter “i” to replace a lowercase “L” 

If an attacker acquires the victim’s details via such a scam site, they can gain access to the user’s real account and obtain sensitive information, such as banking details, social security numbers, or even crypto account logins.

Typosquatting in Crypto

In the crypto context, typosquatting scams can involve the attacker creating a deceptive Blockchain Naming System (BNS) (such as the Ethereum Name Service (ENS)) domain name to redirect crypto payments into their own addresses. The fake clone can also dupe unwitting users into submitting their credentials, Know Your Customer (KYC) details, or even payment information, which the attacker can then harvest and exploit.

To explain, a BNS makes crypto transactions more convenient by replacing complex cryptographic recipient addresses with human-readable names. However, this opens up another way for typosquatters to take advantage of users, leading to an irreversible transfer of funds to the attacker’s wallet rather than the intended recipient.

How to Protect Yourself

  • Always double-check recipient addresses before sending cryptocurrency
  • Bookmark official websites rather than typing URLs
  • Use official mobile apps from trusted sources
  • Verify the URL carefully before entering your credentials
  • Check transaction history on blockchain explorers before sending to new addresses
  • Consider using hardware wallets for additional security

Remember: Cryptocurrency transactions are irreversible. Once funds are sent to a scammer’s address, they cannot be recovered.

Hedging

Hedging is a risk management strategy that involves simultaneous entering opposing positions in an asset to offset potential losses.

Full definition

Zero-Value Transfer Scam

A zero-transfer phishing attack is where attackers send users transactions with no value to trick them into copying fake wallet addresses.

Full definition

Tokenized Asset

A tokenized asset is a unique digital representation of a real-world asset on a blockchain network.

Full definition

Own your crypto future

Stay informed with security tips, updates, and exclusive offers from Ledger

Your email address will only be used to send you our newsletter, as well as updates and offers. You can unsubscribe at any time. Learn more

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.