{"id":8164,"date":"2018-12-31T14:04:43","date_gmt":"2018-12-31T13:04:43","guid":{"rendered":"http:\/\/159.69.82.204\/win\/?p=8164"},"modified":"2019-05-23T01:06:14","modified_gmt":"2019-05-22T23:06:14","slug":"beware-of-mistyped-domain-name-ofice-com-myaccount","status":"publish","type":"post","link":"https:\/\/borncity.com\/win\/2018\/12\/31\/beware-of-mistyped-domain-name-ofice-com-myaccount\/","title":{"rendered":"Beware of mistyped domain name ofice.com\/myaccount"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" style=\"float: left; margin: 0px 10px 0px 0px; display: inline;\" src=\"https:\/\/www.borncity.com\/blog\/wp-content\/uploads\/2015\/01\/Schutz.jpg\" width=\"40\" height=\"47\" align=\"left\" \/>[<a href=\"https:\/\/www.borncity.com\/blog\/2018\/12\/31\/vorsicht-vor-vertipper-domain-ofice-com-myaccount\/\" target=\"_blank\" rel=\"noopener noreferrer\">German<\/a>]At the end of the year a brief security warning to Office users who try to log on to their Microsoft Office account. A small typo, and you're already trapped, because Microsoft has failed to register the domain <em>ofice [dot] com<\/em>.<\/p>\n<p><!--more--><\/p>\n<p>Domains that consist of a mistyped URL have the 'charm' for their owners that many users unintentionally visiting the site. Users who have made a typo (forget a character or twist some letters within a URL, the land on the 'typo domain' instead of the desired target page. Companies should also register such 'typo domains' in order to prevent misuse. If you type micosoft.com in your browser, for example, you should be redirected to microsoft.com (currently I receive an error message using this typo URL).<\/p>\n<h2>The ofice[.]com problem<\/h2>\n<p>Microsoft Office users can log on to their Microsoft Office account at office.com\/myaccount. The user will then be redirected to the live.com login page.<\/p>\n<p><img decoding=\"async\" title=\"Microsoft account login\" src=\"https:\/\/i.imgur.com\/t2uaQnc.jpg\" alt=\"Microsoft account login\" \/><\/p>\n<p>There's nothing really exciting about it now. Stupid is only if someone mistypes at this URL &#8230;<\/p>\n<p>Blog reader Karl has informed me via Twitter about a failure of Microsoft. They didn't manage to register the domain <em>ofice . com<\/em> &#8211; it is under the control of a third party:<\/p>\n<blockquote class=\"twitter-tweet\" data-lang=\"de\">\n<p dir=\"ltr\" lang=\"en\">have you ever visited <a href=\"https:\/\/t.co\/xyOy9mhc8V\">https:\/\/t.co\/xyOy9mhc8V<\/a> <a href=\"https:\/\/twitter.com\/MicrosoftHelps?ref_src=twsrc%5Etfw\">@MicrosoftHelps<\/a> <a href=\"https:\/\/twitter.com\/Office365?ref_src=twsrc%5Etfw\">@Office365<\/a> ?<\/p>\n<p>Microsoft please shut down this scam domains \/ site misusing typing issues <a href=\"https:\/\/twitter.com\/etguenni?ref_src=twsrc%5Etfw\">@etguenni<\/a> <a href=\"https:\/\/twitter.com\/AskWoody?ref_src=twsrc%5Etfw\">@AskWoody<\/a><\/p>\n<p>Enjoy the \"show\" &#8211; visit on own responsibility.<\/p>\n<p>\u2014 al Qamar (Karl) (@tweet_alqamar) <a href=\"https:\/\/twitter.com\/tweet_alqamar\/status\/1078963288933916673?ref_src=twsrc%5Etfw\">29. Dezember 2018<\/a><\/p><\/blockquote>\n<p><span id=\"preservedb7a7b702773417fb8a78539bf2becf7\" class=\"wlWriterPreserve\"><script src=\"https:\/\/platform.twitter.com\/widgets.js\" async=\"\" charset=\"utf-8\"><\/script><\/span><\/p>\n<p>So if you mistype the URL office.com and omit a f, you will end up on the mistyped domain. In Google Chrome, after several Redirects you get the following display:<\/p>\n<p><img decoding=\"async\" title=\"Add-Extension bei ofice.com\/myaccount\" src=\"https:\/\/i.imgur.com\/2uzP3tY.jpg\" alt=\"Add-Extension bei ofice.com\/myaccount\" \/><\/p>\n<p>There someone tries to bring the AdBlocker Premium as a chrome extension to the browser user. In Firefox you are redirected to another page and should click on an 'I'M HUMAN' Security Check button. At this point the urgent warning: Don't click on the displayed options. What is hidden behind the mistyped domain or the target pages can be an ad blocker, but also malware. Thanks to Karl for the hint.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>[German]At the end of the year a brief security warning to Office users who try to log on to their Microsoft Office account. A small typo, and you're already trapped, because Microsoft has failed to register the domain ofice [dot] &hellip; <a href=\"https:\/\/borncity.com\/win\/2018\/12\/31\/beware-of-mistyped-domain-name-ofice-com-myaccount\/\">Continue reading <span class=\"meta-nav\">&rarr;<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[11,580],"tags":[125,69],"class_list":["post-8164","post","type-post","status-publish","format-standard","hentry","category-office","category-security","tag-office","tag-security"],"_links":{"self":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/8164","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/comments?post=8164"}],"version-history":[{"count":0,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/posts\/8164\/revisions"}],"wp:attachment":[{"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/media?parent=8164"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/categories?post=8164"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/borncity.com\/win\/wp-json\/wp\/v2\/tags?post=8164"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}