[German]At the end of the year a brief security warning to Office users who try to log on to their Microsoft Office account. A small typo, and you’re already trapped, because Microsoft has failed to register the domain ofice [dot] com.
Domains that consist of a mistyped URL have the ‘charm’ for their owners that many users unintentionally visiting the site. Users who have made a typo (forget a character or twist some letters within a URL, the land on the ‘typo domain’ instead of the desired target page. Companies should also register such ‘typo domains’ in order to prevent misuse. If you type micosoft.com in your browser, for example, you should be redirected to microsoft.com (currently I receive an error message using this typo URL).
The ofice[.]com problem
Microsoft Office users can log on to their Microsoft Office account at office.com/myaccount. The user will then be redirected to the live.com login page.
There’s nothing really exciting about it now. Stupid is only if someone mistypes at this URL …
Blog reader Karl has informed me via Twitter about a failure of Microsoft. They didn’t manage to register the domain ofice . com – it is under the control of a third party:
Enjoy the “show” – visit on own responsibility.
— al Qamar (Karl) (@tweet_alqamar) 29. Dezember 2018
So if you mistype the URL office.com and omit a f, you will end up on the mistyped domain. In Google Chrome, after several Redirects you get the following display:
There someone tries to bring the AdBlocker Premium as a chrome extension to the browser user. In Firefox you are redirected to another page and should click on an ‘I’M HUMAN’ Security Check button. At this point the urgent warning: Don’t click on the displayed options. What is hidden behind the mistyped domain or the target pages can be an ad blocker, but also malware. Thanks to Karl for the hint.