Posted on

Best Browser Hijacker Removal Tool for Chrome

Browser hijacker removal tool blocking a computer hacker.


Is chrome acting funny? Are you being redirected for no apparent reason? You might be compromised by a browser hijacker.

Enhance your online security and regain control over your browsing experience. Let’s dive in!

What is a browser hijacker?

A browser hijacker is a form of malicious software or extension that alters your web browser settings without your consent. Its primary objective is to manipulate your browsing experience for various purposes, such as promoting specific websites, collecting user data, or generating revenue through
deceptive practices. 

These hijackers typically enter your system disguised as legitimate tools
or software.

What do browser hijackers do?

When a browser hijacker infiltrates your system, it can carry out several disruptive activities, including:

  • Modifying your default homepage, search engine, and new tab settings.
  • Injecting unwanted advertisements and pop-ups into your browsing sessions, similar to spyware.
  • Redirecting your search queries to unfamiliar or potentially dangerous websites.
  • Tracking your online behavior and collecting personal information for
    targeted marketing.
  • Slowing down your browser’s performance by consuming system resources.

What are the effects of browser hijackers?

Browser hijackers can have several negative effects on your
browsing experience.

  • Exposure to potentially malicious websites that may contain malware or
    phishing attempts.
  • Compromised privacy and data security due to unauthorized data collection
    and tracking.
  • Reduced browsing speed and performance as hijackers consume
    system resources.
  • Frustration caused by constant redirects, intrusive ads, and unwanted
    browser modifications.

Browser Hijacker Removal Tools for Chrome

SUPERAntiSpyware™ 

SUPERAntiSpyware™  effectively detects and removes browser hijackers, restoring your browser’s default settings and protecting you from potential privacy and security risks.

It doesn’t stop there though! SUPERAntiSpyware™ analyzes your system and compares it against a threat database of over 1 Billion to keep you browsing hijacker-free.

  • Malware Detection and Removal: SUPERAntiSpyware™ employs advanced scanning algorithms to identify and eliminate malware that may pose a threat to your browser. By regularly scanning your system, it helps detect any malicious software or browser hijackers that could compromise your browser’s security and your online safety.
  • Real-Time Protection: SUPERAntiSpyware™ helps prevent the installation of malicious browser extensions, blocks suspicious websites, and alerts you if any potential threats are detected.
  • Secure Internet Browsing: SUPERAntiSpyware™ enhances your browser’s security by blocking access to malicious websites known for distributing malware or engaging in phishing activities. 
  • Automatic Updates: The software regularly updates its malware definition database to stay up to date with the latest threats. This ensures that SUPERAntiSpyware™ is equipped to detect and remove the most recent forms of malware, including those targeting browsers specifically.

Chrome Cleanup Tool (official tool from Google)

The Chrome Cleanup Tool is an official tool developed by Google to help users remove unwanted software or extensions that may be causing issues or hijacking their browsing experience on Google Chrome.

It is designed to scan the Chrome browser and detect potentially harmful or unwanted software that could be affecting performance or hijacking settings.

If the tool detects any issues, it notifies you with a list of potential threats found on your system. You can review these notifications and choose whether to remove or disable the identified software or extensions.

How to prevent browser hijacking

Prevention is always better than cure when it comes to browser hijacking. Consider implementing the following practices to safeguard your
browsing activities:

  • Install a reputable antivirus and keep it up to date to detect and block
    potential threats.
  • Be cautious when downloading and installing software, ensuring you obtain it from trusted sources.
  • Regularly update your web browser and its extensions to benefit from security patches and bug fixes.
  • Avoid clicking on suspicious links or pop-up advertisements that may lead to malicious websites.
  • Carefully review permissions requested by extensions or software during installation, denying unnecessary access.
  • Educate yourself on common phishing techniques and practice safe
    browsing habits.
  • Enable browser security features like pop-up blockers and safe browsing modes.

Conclusion

Browser hijackers can disrupt your online experience, compromise your privacy, and expose you to potential threats. If you need to monitor, prevent, and remove browser hijackers, sign up for a risk free trial.

Posted on

Qulab, The information stealer

Info stealers are nothing new, and Qulab is no exception.  Designed to get in quick and get as much data as they can, these malicious programs steal all personal information about you from your computer. In particular, Qulab is know in its current iterations to steal information from browsers, including:

  • login credentials and history
  • file transfer protocol credentials
  • Discord and telegram logs
  • Steam information and accounts

It can copy any file that ends in .txt, .maFile, and wallet.dat—in case you have anything important lying around.

How it works

Qulab is built in a scripting language called AutoIT. Generally used to automate monotonous tasks done with a keyboard and mouse, AutoIT gives the hacker the same power as a programming language, while making it easier (in most cases) to program due to it being written in a simpler language.  Once executed on your computer, Qulab sets up a few important settings, namely no tray icon, which prevents you from seeing it running. Then, Qulab starts to replace things like windows function calls and database queries with slightly modified code. By modifying these common functions to use custom versions, the malwares reduces its reliance on the computer it is infecting and allows it to cause more damage.

After running on the you computer, the malware quickly sets up persistence on the computer through well-know methods—such as running the program on computer startup—and a less well-known method that reruns the malware on any major computer change, such as:

  • changing any computer settings
  • network status changes
  • connecting to or disconnecting from charger on a laptop
  • being idle for a set period of time

The “clipper” functionality of Qulab revolves around watching what is in your clipboard (the place that stores data you copy) and changing it if it matches certain parameters. One of the most notable is that it will replace wallet IDs for cryptomining account so that the earned money proceeds to go into the hacker’s account rather than yours. If you do not have cryptomining on your computer then it won’t do anything but slow down your computer.

The “browser stealer” function checks to see which browsers you have installed and then immediately attempts to steal files with any important information. The most notable are wallet.dat, login data that is stored on the browser, and history.

Discord , a online chat service, saves messages and chat history on its local computer when installed. Qulab looks for these files and if it finds them it decrypts them and sends them off to the hacker.

Qulab also attempts to hijack steam sessions, and if the computer uses the Steam Desktop Authenticator, Qulab also attempts to steal a file that provides authentication details. This is becoming common for most information stealers.

After all this data as been extracted, Qulab sends it to the hacker and then continues to scan every couple of seconds to see if any new information has arrived.

Who is affected?

One of the scary things about Qulab is that it is very affordable on the dark web. Coming in at only $30 with support optional, it no longer takes a master hacker to obtain a powerful, flexible information stealer. It could be slipped into downloads from illegitimate sources or used in malspam campaigns.

Indicators of Compromise

  • %APPDATA%/%RANDOM_FOLDER%/
  • %APPDATA%/%RANDOM_FOLDER%/1/
  • %PAYLOAD_NAME%.module.exe (7zip)
  • %PAYLOAD_NAME%.sqlite.module.exe (sqlite3.dll)
  • IP 185.142.97.228

What you can do


If you or someone you know is infected with Qulab malware, download SUPERAntiSpyware Professional right now and get a 14-day free trial, no credit card required.  SUPERAntiSpyware is easy to install and will detect and remove Qulab from any Windows computer. If you are a Computer Technician, you may like to try our SUPERAntiSpyware Tech Edition solution, now free for the next 30 days. Use Tech04 as the Tech ID.  Click here: https://www.superantispyware.com/technician-download.html

Posted on

How to remove Emotet

You may have heard of the Trojan Emotet before. Since first appearing back in 2014 stealing banking information, it has evolved into a multi-faceted threat that targets everyone. It uses social engineering through emails to attempt to convince the user to open a Microsoft Word document and run its malicious macros. Even more worrisome is that once Emotet has infected a target, it attempts to take over the victim’s Microsoft Outlook desktop application. If successful, Emotet goes through all sent emails and contacts and send out a new wave of spam emails. Only this time, the potential victims are receiving the message from a trusted email.

A campaign from Emotet over the Christmas season read like a friend sending a friendly season greeting.

Dear <name>,

You make the stars shine brighter and the winter days warmer just by being in my life. Merry Christmas to my favorite person in the world.

Merry Christmas and a wonderful New Year!

Greeting Card is attached

A lovely thing about Christmas is that it’s compulsory, like a thunderstorm, and we all go through it together. Garrison Keillor

While not limited to invoices or Christmas cards, these emails attempt to get the user to click the download link and then to open the document. In the email mentioned above the target may be fooled into thinking that the attached greeting card is legitimate.  The document actually contains a malicious macro, an embedded script. While macros were initially designed to help automate keystrokes and mouse movements, they were quickly abused by nefarious virus creators. The infection cannot run on its own as Microsoft has automatically disabled macros more than a decade ago to help stop these malicious scripts. Instead, Emotet uses a few techniques to get the user to re-enable macros. Examples can be seen below.



The picture urges the user to click the Enable Content button, implying that they cannot view the Word document until they do so. You may have already noticed that the bar itself says that macros have been disabled, and the Enable Content button will, in fact, allow them. The moment that Enable Content button is clicked, the macros will start, and in seconds you will be infected. Even worse, in most cases you will have no indication from this point forward that anything is wrong. In one test case we briefly had a command window appear:



This window lasted less than two seconds before disappearing. This attack vector is not unique to Emotet though. In fact, it has been used by a number of ransomware attacks in the past. If you ever see a document you didn’t expect to receive, you should always be extremely cautious with it and you should never enable macros without a very good reason.

How it works

Emotet is an evolving malware that has been known to primarily spread itself through email spam campaigns.  Emotet itself does not attempt to do much harm; instead, it opens the door for other malware who pay the doorman on the way in. It achieves this by using what is known as a Command and Control server (C&C): Emotet requests instructions from its C&C server, which  issues a new command. This command could be anything from “grab this malware sample and run it” to “tell me what passwords are stored in the user’s browser.” Emotet can receive updates and new capabilities in this way as well, showing that if Emotet has infected your computer or network, it should be removed as quickly as possible.

Emotet doesn’t stop at the first computer infected though. Once it’s on a network, it will attempt to get to all computers it’s connected to through a brute-force attack. Unless strong passwords are enforced on machines and all known vulnerabilities are patched, a single installation of Emotet can cause every computer in the network to become infected. Emotet is often updated with new exploits as they are found, meaning that while it may not be successful at first, it will keep trying until it finds something that does work.

Code

We won’t go into too much depth on the actual code itself, but a brief step-by-step walkthrough can be useful to get a better understanding on how this malware works.

1. In the Word document there is a VBA script that is obfuscated so that you cannot read it at a glance. All this code does is launch a command shell, which then launches PowerShell, a more powerful version of the Windows command shell.

2. Using PowerShell, the script attempts to download the core Emotet payload from a large variety of distribution websites.

3. The randomly named payload will then reach out to the main server and request a command. The command will change based on the campaign that is running —it could go grab new malware or it could attempt to use your own email address as a way to spread itself.

Who is affected

Many people assume that they will not be targets of malware campaigns. Emotet, though, targets everyone equally: it has the simple goal of getting on every machine it can and then getting paid to let other, more targeted malware come in behind it. If your email address has ever been sold, disclosed in a breach, or was on a friend’s email list when they got infected, then it’s possible you will receive a malicious email from them.

Indicators of infection

The main location for the executable is in C:\Users\<name>\AppData\Local\ and then whatever new name Emotet decides to use. One we have seen often is archivessymbol, but this will change. If you see something in this folder you don’t know about, it’s important to run a scan.

Versions of Emotet can also drop files onto your computer in C:\Users\Public or C:\Users\<username>:

These files generally have 5-6 randomly generated numbers in the file name, followed by .exe. These are not actually executable files, but HTML documents that are used to generate revenue for the Blackhat’s by simulating clicks on web advertisements.

What you can do


If you or someone you know is infected with the Emotet malware, download SUPERAntiSpyware Professional right now and get a 14-day free trial, no credit card required.  SUPERAntiSpyware is easy to install and will detect and remove Emotet from any Windows computer.

If you are a Computer Technician, you may like to try our SUPERAntiSpyware Tech Edition solution, now free for the next 30 days. Use Tech01 as the Tech ID.  Click here: https://www.superantispyware.com/technician-download.html

Emotet has also been known to exploit a vulnerability in Windows called EternalBlue. Microsoft has issued a patch for this, and applying this patch can help protect you from Emotet as well as other malware who utilize this exploit.

HOW TO REMOVE EMOTET

  1. Restart the infected computer in safe mode without networking
  2. Search through the Indicators of infection and investigate any files/folders you do not recognize. You can run the file through SUPERAntiSpyware or online through VirusTotal.com to confirm that it is malware.
  3. Delete files and folders that have been confirmed as malware.
  4. Repeat steps 1-3 on all other machines in the network.
  5. Restore all infected computers to normal mode only after confirming the infection is removed.

Posted on

Layerin’ Ain’t Just for Winter! Bolster Your Security With Layers of Protection

Virus infection

I thought Spyware and Viruses are the same thing?

A virus is malicious code that copies itself over and over in order to do damage to your computers data while Spyware is an umbrella term used to describe a variety of threats such as Trojans, Ransomware, Keyloggers, Cookies, Worms, etc that may do damage to your PC and/or privacy but do not have the intention of totally destroying your computers data and system unlike a virus.

So your telling me I need an Anti-Virus AND an Anti-Spyware?

Strictly speaking, SUPERAntiSpyware© is not designed to be Anti-Virus software. We target Spyware, a focus that allows us to respond quickly to the ever-growing groups of hostile software we address, with new definitions released multiple times a day, and concentrate on the technology that targets the most common threats in the wild. There are a lot of things that are often called viruses (many trojans, worms, and so on) that SUPERAntiSpyware© will remove, but it won’t remove true viruses such as boot-sector viruses.

Security With Layers of Protection

No one security tool can catch everything out there and protect you, which is why we recommend a layered approach. We recommend if you use an Anti-Virus, you supplement it with SUPERAntiSpyware© and if you only use SUPERAntiSpyware© alone, consider getting an Anti-Virus. SUPERAntiSpyware© has been designed to be compatible with popular Anti-Virus applications such as McAfee, Symantec(Norton), Kaspersky, Bitdefender, ESET NOD32, AVG, Avast, Panda, Avira, and so on.

 

Posted on

What Are Cookies?

What Are Cookies and How do they work?

Cookies are files, typically text files which are stored on a user’s device. They are made to contain data specific to the user or website, and can be accessed either by a web server or the users device. Cookies cannot themselves harm your computer in any way. Cookie allow the web server to deliver a web page “suited” to the user, or the web page itself can contain a script which is reading the data in the cookie and so is able to carry information from one visit to the website to the next website.

Typically what this means is that cookies are used to remember logins and keep track of user settings on websites, this information might include the name of the site, particular products being viewed, pages visited, etc. Cookie can be used to track your movement on the Internet ONLY if a site is aware of the cookie and is designed to use the specific cookies. Because of their use in tracking online activity, many feel that this constitutes spyware. Most antispyware applications, including SUPERAntiSpyware, detect tracking cookie in one form or another.

Cookie are not blocked by SUPERAntiSpyware because they are required for most web functionality.  Cookie will come back every time you surf the web, and can be cleaned by running a Quick or Complete Scan.

Posted on

Watch out for fake USPS delivery emails!

usps

Fake USPS Delivery Emails?

We at SUPERAntiSpyware have been alerted to scam emails hitting users claiming to be from the US Postal Service (USPS) that contains a link that will infect them with malware. One of the emails being used by this scam is notice@ussp(DOT)com

The subject line of the email will typically be titled “Delivery notification – Parcel delivery *NUMBER* failed” containing a message that the user please call the number on the shipping notice we left at your doorstep (which there will be none!) to arrange a new delivery, and a link which you can view the delivery notice online, on the USPS website.

This is a fake link to a malware infested website.

If you see a link in a suspicious email such as this do not click the links or open the attachments no matter how innocent they sound. If it claims to be from an official organization, call them and ask if the email is legit. Better safe than sorry!

Posted on

“The HoeflerText Font Wasn’t Found” Google Chrome Malware Scam – What it is and how to avoid it!

HoeflerText Font Wasn’t Found ?

You are browsing the web and accidentally land on a website with nonsensical characters instead of letters and you receive a prompt to download a missing font in order to read the website. You are told in order to fix the error and display the text, you have to update the “Chrome Font Pack”. Whatever you do, please do not click that blue Update button!

HoeflerText
Fake Google Chrome Prompt asking you to install the malware

It is a scam designed to trick users into installing malware onto their systems. This malware is ranging from Ransomware, to Trojans, to various adware bundles.

How to avoid it

The fake dialogue box informing you that the “The HoeflerText Font Wasn’t Found” will claim you are using Chrome version 53 even if you are not using that version, which tells you something isn’t right and that the prompt you are seeing is fake.

Make sure you are using the latest version of Google Chrome which you can download by clicking here

Make sure you are also using the latest version of SUPERAntiSpyware with Real-Time Protection enabled, a feature only available for SUPERAntiSpyware Professional users.

Posted on

Tax Season is here – Watch out for Identity Stealing Spyware!

Taxes The Season is Here !

Keep your personal information safe this tax season by doing a Free scan with SUPERAntiSpyware Free Edition

We want to remind everyone that tax season is the time of increased attacks in the forms of spyware, various methods of phishing , and scams. Spyware and Malware authors significantly increase their activity during the tax season in order to try to steal data and withdraw money from bank accounts, steal credit cards, passwords, and other malicious acts.

Watch out for Identity Stealing Spyware!

During this tax season its important to do a few things to help protect yourself online:

1) Make sure your Operating System and software applications such as web browsers and email clients are up to date.

2) Run a Complete Scan with SUPERAntiSpyware regularly with the latest updates, at least twice a week during this period of increased activity.

3) Be cautious before visiting strange websites, or opening strange email attachments. Think before you click!

4) Manually erase, or use privacy software, to delete sensitive data from you PC. Spyware cannot steal what isn’t there!

5) Lookout for spam phishing email impersonating government, bank, or tax company officials asking for sensitive information.

Do you have any security recommendations that help you stay safe during the tax season? Feel free to leave a comment below!

SUPERAntiSpyware Team

Posted on

Prevention is Best!

Prevention is the best Safeguard

Prevention is the best way to ensure you are never infected with spyware and your data is never lost or stolen. It is possible to clean up an infected machine and remove spyware but sometimes the damage from certain spyware, such as ransomware, cannot be fixed as files become encrypted or otherwise corrupted.

While no single solution available is a silver bullet, the following list outlines some of the best practices in lessening the risks of losing data after an infection:

1) Backup your files and software! Having backup copies of your photos, documents, software, and other files can make sure you never lose them to a malware infection such as ransomware encryption. Many people choose to use external drives or the cloud for their backups, but keep in mind that if you use external drives, the data can still be at risk if you leave your backup drives connected to your machine at all times.

We at SUPERAntiSpyware offer an Online Backup Solution as an optional service when purchasing SUPERAntiSpyware at $6.95 a month. This subscription allows you to back up and protect your important files and documents onto a cloud-like server so you always have copies of your important files.  You can read more about our backup services here: https://www.backup.support.com

2) Keep SUPERAntiSpyware up to date and run regular scans. We update our definition list twice a day to make sure our users catch the latest threats, as well as periodically release software updates. It is imperative users keep up to date so their software continues finding the latest threats. In order to make sure that nothing creeps in between scans, we recommend regular scanning at least once a week, if not every day.

3) Update your Windows Operating System and Software you use. Make sure you always are using the latest version of Windows with the latest updates and security fixes. Most Windows updates are patches for existing and/or potential vulnerabilities, so keeping these holes filled is crucial in stopping the spread of malware. Additionally, using unsupported operating systems (anything older than Windows 7 as of right now) can leave you just as unprotected. If you are using web browsers such as Firefox, Chrome, or others, always make sure you are using the latest versions, and don’t forget to update any add-ons, plugins, or extensions you use to the latest editions.

4) Double Check Emails before opening them. Check the sender of every email you receive. If you do not know them, or the email looks suspicious, do not open it! Delete it! Do the suspicious emails include links to click or strange attachments? Do not click the links or open the attachments no matter how innocent they sound. If it claims to be from an official organization, call them and ask if the email is legit. Better safe than sorry!

5) Use strong passwords and/or multi-factor authentication. Good passwords are long. Good passwords also contain capital and lower case letters, numbers, and special characters. Do not use an easily accessable password that contains personal information like your birthday or the name of your pet, and do not use the same password for every website! This makes it harder for hackers to gain access to your personal information, especially when you use different passwords for every site. It might be a bit more to remember, but it diminishes the risk and the headache of sorting everything out after your information is stolen.

Many sites, such as banks, often will have multi-factor authentication available. With these systems, you not only need a password, but you also will need a special code that is often randomized on a dongle or smart phone app. These types of systems are more secure than just a typical password, as the extra step is incredibly difficult to hack into.

6) Use an Ad blocking Extension. Software such as Adblock Plus and uBlock Origin for your internet browsers are free, cross-platform browser extensions that filter unwanted content such as ads, pop-ups, rogue scripts, and even IP leaks. Using an ad blocking extension on your web browser will greatly lessen the impact of “Malvertising”, website ads that drop rogue programs onto your PC without your knowledge. While these programs might not block every ad you encounter, the chances of you running into something particularly malicious will be reduced dramatically.

7) Remove unsupported software. Many software programs, such as Flash or QuickTime, are no longer supported by their publishers, or are no longer supported by modern web browsers. This means that existing versions can have massive security flaws, despite their being many users who still have the software installed on their computers. It is recommended that users uninstall software that has been abandoned by their creators, especially if it is something that deals with content on the web.

At the same time, many newer pieces of software cannot run on older operating systems such as Windows 98, Windows ME, and even Windows XP. Keep your operating system up to date! When Microsoft stops supporting an old operating system, they stop all updates, which can lead to vulnerabilities being exploited.

8) Don’t talk to tech support scammers. If you’re on the internet and suddenly get a pop-up or email claiming your PC is infected with a virus, and that you need to call a listed number immediately, do not do it! A real security company wouldn’t sell their services from sketchy pop-ups or emails. These companies typically list a 1-800 number for you to call so they can try to lure you into spending potentially hundreds of dollars and giving them remote access to your PC.  More likely than not, they will try to infect you or steal personal information during their remote access “work”.

9) Make sure you are on secure connection when purchasing products online or entering in personal information. You can tell you are on a secure website when the URL reads “https” and not just “http.” This is also referred to as HTTP over SSL which is encrypted. This protects against eavesdropping and tampering. Often, the address bar will change color or display a lock icon next to the URL you are visiting if you are connected through a secure HTTPS connection.

10) Use a firewall. Since Windows XP, every Microsoft operating system has come with a firewall. It is recommended you make sure this is always enabled. If you use a third-party firewall, it is also recommended you always keep it up and running. Firewalls use rules and examine network traffic as it passes in and out of your PC. If a connection does not follow the firewalls rules, it will be blocked. This also allows you to monitor activity on your network from intrusion attempts or if rogue software on your PC is trying to reach out to a hacker.

Remember to Stay Safe

Even the most cautious of people can get infected; however, by following these tips your risk of getting infected or being unable to recover from an infection will go down dramatically. Remember to stay safe, exercise caution, scan regularly, keep everything up to date, and backup your data often.

Posted on

Typosquatting: Another front of malware attacks

Typosquatting is a type of internet scam that relies on end users making mistakes, such as spelling errors or entering the wrong domain name when entering a websites URL. It is also commonly known as URL Hijacking. There are many motivations for a hijacker to take the Typosquatting approach to deceiving unsuspecting victims:

1) To redirect web traffic to their own or a competitor’s product.

2) Installing malware to infect the user’s machine, typically with ad-hosting pieces of malware.

3) Freeze the web browser for a fake Tech Support scam, scaring the user into calling a fake tech support number claiming the user has a virus infection. These scams potentially cost the users hundreds of dollars.

4) To steal user information by running a phishing scheme to mimic legitimate website.

5) Making revenue from the user clicking on advertisements (either in plain site or disguised as legitimate search links) on the Typosquat website.

6) To blackmail or strong-arm payment from the company they’re Typosquatting in order to force a purchase of the website from the Typosquatter.

A scammer who runs a Typosquat scam typically registers a website address with spelling close to the legitimate websites address. This is typically something simple like omitting a letter, adding a letter, or using a different Top Level Domain. For example if a user wants to go to our website, they may end up typing superaantispyware[dot]com with double a’s. This will end up showing a user a Typosquatting website such as this:

Another type of Typosquat scam would be due to the person improperly typing out the full URL, typing something like google [dot] om , rather than typing google [dot] com. In this instance, the person typing the .om domain would actually be viewing a page hosted on Oman’s Top Level Domain, rather than the basic .com domain. In some instances, large corporations will buy up as many associated domains as they can in order to prevent this type of mistake (Google, for example, has variants of their site containing multiple o’s and different Top Level Domains); however, not all companies have the foresight and/or money to do this.

It is easy to avoid falling prey to a Typosquatting scam. Here are a few easy things you can do to prevent this.

1) Never open links in emails from unexpected senders, and exercise caution when visiting sites you’re not familiar with.

2) Bookmark your favorite websites so you can easily access them.

3) Use a search engine like Google, Bing, or Yahoo when looking for a specific website if you are unsure about the spelling or if the business’ website is the same as their name. Some car dealerships, for example, use dealer names or slogans as their website.

4) Double check the URL you are typing before loading the page

5) Make sure Real-Time Protection is turned on in SUPERAntiSpyware Professional

6) If you are starting a web-based business, consider buying multiple domains that are similar to your primary site to preemptively stop Typosquatters. Most domain registrars will offer bulk rates when you purchase more than one domain at a time.

While this type of attack is somewhat uncommon by today’s standards, it still happens every once in a while. By practicing safe browsing habits, keeping your web browsers up-to-date, and running regular scans of your machine, you should not be impacted by most of these types of attacks.