large image

Trusted Reviews is supported by its audience. If you purchase through links on our site, we may earn a commission. Learn more.

Watch out for typosquatting sites this Black Friday

It’s easy enough to hit a few typos when you’re punching in a site’s address. It’s even easier when you’re typing at super-high speeds to reach a site on Black Friday. Unfortunately, attackers are ready to take advantage of your pudgy, mistyping digits.

New research from Venafi shows that the number of lookalike fake shopping sites has doubled since 2018. In practice, this means that when you accidentally slip an extra letter into Amazon you could be whisked to a site that looks like the spitting image of the retail giant. Which isn’t really a problem, until you unknowingly type in your full address and PayPal details at the fake checkout.

Related: A power user’s guide to staying safe online

In addition to presenting themselves as a replica of a big-name sites, lookalikes often add a layer of deception by using a Transport Layer Security (TLS) certificate, which makes them seem safer to the average online shopper.

TLS certificates are responsible for the little padlock in the address bar. They basically guarantee that all communication between yourself and a site is encrypted – but that safety blanket is rendered useless when the site itself has questionable motives.

This year, the number of fake sites using TLS certificates was 400% greater than that of actual retail domains. And according to Venafi, over half of these certificates were provided by the free-to-use service Let’s Encrypt. We’ve reached out to the company for comment.

Related: Best Black Friday deals

Venafi’s research showed that the UK in particular has a huge problem with fake sites, with the largest ratio of look-alike domains present out of all the countries involved in the research.

It’s easy to think that phishing only happens to people who aren’t that internet savvy. But it might be worth proofreading that address the next time you’re in a big hurry to buy something online.

Why trust our journalism?

Founded in 2004, Trusted Reviews exists to give our readers thorough, unbiased and independent advice on what to buy.

Today, we have 9 million users a month around the world, and assess more than 1,000 products a year.

author icon

Editorial independence

Editorial independence means being able to give an unbiased verdict about a product or company, with the avoidance of conflicts of interest. To ensure this is possible, every member of the editorial staff follows a clear code of conduct.

author icon

Professional conduct

We also expect our journalists to follow clear ethical standards in their work. Our staff members must strive for honesty and accuracy in everything they do. We follow the IPSO Editors’ code of practice to underpin these standards.