Enable Website typo protection to help against Phishing attacks
Published: April 16, 2023 | Author: René Laas
The purpose of this blog post is to show you how to protect your users from phishing websites that use a look-alike URL.
In today’s world, security is more important than ever. One of the features of Microsoft Edge is its ability to protect your users against phishing attacks. With the typo protection feature in Microsoft Edge, you can help keep your users from being phished on websites whose URL looks like the URL they intended to visit. Think of https://office.com and a malicious look-alike such as https://ofice.com.
Note: Website typo protection helps protect you when you accidentally navigate to a fraudulent site after misspelling a well-known site’s URL by guiding you to land on the legitimate site instead.
In this blog post, I will explain how to help keep your users from getting phished with Microsoft Edge Website typo protection (TyposquattingChecker). You still have several other ways to protect them from phishing, such as Microsoft Defender SmartScreen, training, and simulations.
What is phishing?
Phishing is one of the most common methods used by cybercriminals to steal sensitive information. Phishing is a technique to trick people into giving away their sensitive information, such as usernames and passwords. The attacker sends an email or a message to the victim, posing as a trustworthy entity, such as a bank, an online store, social media platform, or a company login screen. The message usually contains a link that directs the victim to a fake login page that looks identical to the real one. Once the victim enters their credentials on the fake login page, the attacker can use them to gain access to their accounts.
What is typosquatting?
Typosquatting is a type of cybersquatting that involves registering a domain name that is similar to a popular or well-known domain name but with slight variations or typos. Typosquatting is also known as URL hijacking.
The idea behind typosquatting is to capitalize on the traffic intended for the legitimate website by tricking users into thinking they have reached the intended website when they have actually landed on the typosquatter’s website.
For example, a typosquatter might register the domain name “https://endpointtcave.com” (with an extra “t”) instead of “https://endpointcave.com” and create a website that looks similar to my blog, hoping to capture some of the traffic and people’s logins to the website.
Typosquatting can be used for various malicious purposes, such as distributing malware, stealing user credentials, displaying ads, or selling counterfeit products. It is considered a form of online fraud and can lead to financial loss, identity theft, or reputational damage for the legitimate website owner and its users.
How to enable website typo protection via Intune
- Select Windows 10 and later as the platform.
- Select Templates as the profile type and select Administrative Templates as the template name.
- Click on Create.
- Provide a policy name, e.g., EndpointCave-PRD-Edge settings.
- Set a description, so that everyone with access to the portal knows the purpose.
- Click on Next.
- On the Configuration settings page, enter “typo” in the search bar.
- Click on Configure Edge TyposquattingChecker.
- Enable the Configure Edge TyposquattingChecker setting.
- Click on OK.
- Add more Microsoft Edge settings if you want.
- Click on Next.
- Enter a scope tag if needed and click on Next.
- Assign the profile to a group and click on Next.
- Check the configuration on the Review + Create page and click on Create.
Enable website typo protection via Edge Settings without Intune
- Open Microsoft Edge.
- Click on the 3 dots button to open the menu.
- In the menu click on Settings.
- On the Settings page, click on Privacy, search, and services in the left pane.
- In the right pane, scroll down until you find the Security section.
- Under Security, you will find the setting Website typo protection.
- Turn on the toggle.
- Website typo protection is now turned on.