Don’t Be Typosquatted

In early September 2014, I bought my wife the Singer Heavy Duty 4432 Sewing Machine from Amazon for $99.99. Annie had hoped to make some of her own clothes—something she had long aspired to do. Perhaps if we lived in a larger apartment, she would have achieved her dream; setting up and using the Singer—portable as the thing is—required more space than we could spare.

Fast-forward to late-December 2020. Annie saw a post on Nextdoor from someone looking to buy a sewing machine. Budget: $100. Seeing as the 4432 had never been used, other than to make sure it operated, Amazon’s current price was $209.99, and the manufacturer’s $289.99, $100 would be a deal. Annie responded, and the woman, who we’ll call Grace, agreed to buy the Singer, which would come with extra sewing doodads.

Then, unexpectedly, Grace asked if Annie would hold the machine until Jan. 7, 2021; payday. She agreed. But a day earlier, Grace messaged a link to a website supposedly selling the same model for $59.99. Had Annie seen it? No. She asked my advice about responding. I suggested that the woman passively provoked Annie to lower the price. We agreed that the best response would be to tell Grace that if she could get the machine cheaper somewhere else please feel free.

But something troubled me when looking over the website, where there was no company name or contact information. WHOIS search and also discovery of a clearly legitimate seller made me realize that Grace probably shouldn’t make that $59.99 purchase. I explained all this to Annie, who messaged:

My husband was bothered by the fact that the word machine was misspelled in the web address…He did some quick research and the domain name was created in September 2020 and points to a Chinese company. The two things together bothered him enough to ask me to warn you to make sure that you are placing an order with a legitimate company, rather than one that rips people off. My husband is a journalist who covers the tech industry and he says there are companies that set up websites with misspellings to trick people. The place may be legitimate, but be cautious so you don’t get taken advantage of. And by the way, it looks like there is a website with the address…This website appears more legitimate because they give out address and phone number information. Sewing classes, too. Best of luck.

In the ICANN database, the September 2020 date for the misspelled domain referred to when the record was “created”—meaning either freshly registered or reregistered after a period of abandonment. That fact, coupled with the writing quality and information missing from the supposed seller’s site, made me strongly suspect that Grace had landed on a Typosquatter.

Anti-malware maker Sophos offers an excellent primer on Typosquatting. The practice has many objectives, such as infecting a computer with a virus or stealing someone’s credit card or banking information. But the technique is universally the same: Stake out a domain that is closely spelled to the web address of a legitimate site and let fumble-fingers lead people to you. In Grace’s case, however, a search engine led her astray (which I independently confirmed).

I always advise everyone to look before clicking a search link, and check your destination when typing directly. Good anti-malware software will catch suspicious sites, too. You must be smart, because the Internet is not a safe neighborhood. You can be mugged and robbed as easily online—maybe more likely—than along some shadier streets in cities like Chicago, Los Angeles, or New York.

As for the Singer 4432, maybe the failed sale is opportunity for Annie to sew. The never-ending SARS-CoV-2 (severe acute respiratory syndrome Coronavirus 2)—better known as COVID-19lockdown is ideal time to take up new hobbies.

I used Leica Q2 Monochrom to capture the Featured Image (warning 25MB file), which is composed as shot and presented unaltered. Vitals: f/5.6, ISO 8000, 1/125 sec, 28mm; 4:16 p.m. PST, Jan. 6, 2021.