Beware of mistyped domain name

[German]At the end of the year a brief security warning to Office users who try to log on to their Microsoft Office account. A small typo, and you're already trapped, because Microsoft has failed to register the domain ofice [dot] com.


Domains that consist of a mistyped URL have the 'charm' for their owners that many users unintentionally visiting the site. Users who have made a typo (forget a character or twist some letters within a URL, the land on the 'typo domain' instead of the desired target page. Companies should also register such 'typo domains' in order to prevent misuse. If you type in your browser, for example, you should be redirected to (currently I receive an error message using this typo URL).

The ofice[.]com problem

Microsoft Office users can log on to their Microsoft Office account at The user will then be redirected to the login page.

Microsoft account login

There's nothing really exciting about it now. Stupid is only if someone mistypes at this URL …

Blog reader Karl has informed me via Twitter about a failure of Microsoft. They didn't manage to register the domain ofice . com – it is under the control of a third party:


So if you mistype the URL and omit a f, you will end up on the mistyped domain. In Google Chrome, after several Redirects you get the following display:

Add-Extension bei

There someone tries to bring the AdBlocker Premium as a chrome extension to the browser user. In Firefox you are redirected to another page and should click on an 'I'M HUMAN' Security Check button. At this point the urgent warning: Don't click on the displayed options. What is hidden behind the mistyped domain or the target pages can be an ad blocker, but also malware. Thanks to Karl for the hint.

Cookies helps to fund this blog: Cookie settings

This entry was posted in Office, Security and tagged , . Bookmark the permalink.

Leave a Reply

Your email address will not be published. Required fields are marked *