Beware of mistyped domain name ofice.com/myaccount

[German]At the end of the year a brief security warning to Office users who try to log on to their Microsoft Office account. A small typo, and you're already trapped, because Microsoft has failed to register the domain ofice [dot] com.


Advertising

Domains that consist of a mistyped URL have the 'charm' for their owners that many users unintentionally visiting the site. Users who have made a typo (forget a character or twist some letters within a URL, the land on the 'typo domain' instead of the desired target page. Companies should also register such 'typo domains' in order to prevent misuse. If you type micosoft.com in your browser, for example, you should be redirected to microsoft.com (currently I receive an error message using this typo URL).

The ofice[.]com problem

Microsoft Office users can log on to their Microsoft Office account at office.com/myaccount. The user will then be redirected to the live.com login page.

Microsoft account login

There's nothing really exciting about it now. Stupid is only if someone mistypes at this URL …

Blog reader Karl has informed me via Twitter about a failure of Microsoft. They didn't manage to register the domain ofice . com – it is under the control of a third party:


Advertising

So if you mistype the URL office.com and omit a f, you will end up on the mistyped domain. In Google Chrome, after several Redirects you get the following display:

Add-Extension bei ofice.com/myaccount

There someone tries to bring the AdBlocker Premium as a chrome extension to the browser user. In Firefox you are redirected to another page and should click on an 'I'M HUMAN' Security Check button. At this point the urgent warning: Don't click on the displayed options. What is hidden behind the mistyped domain or the target pages can be an ad blocker, but also malware. Thanks to Karl for the hint.


Advertising

This entry was posted in Office, Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *

Note: Please note the rules for commenting on the blog (first comments and linked posts end up in moderation, I release them every few hours, I rigorously delete SEO posts/SPAM).