Recently discovered by security firm Endgame, this attack takes advantage of us and our tendency to type a web address and hit Enter too quickly. More than three hundred variants of popular domains, ranging from Netflix to Citibank to Dell, have been registered in the nation of Oman, identical in every way to the actual company URL except that they end in “.om” rather than “.com.”
Once you get to the bogus page, you’ll be redirected several times before finally landing on a page that asks you to update your Adobe Flash player. The moment you begin the update, they’ve got you. The malware Genieo is installed on your computer, and you’ll begin getting the annoying redirects and adware popups commonly associated with this type of malware.
On the whole, this isn’t a dire threat, at least not in its current incarnation, but it wouldn’t take much to modify this basic platform of attack to install software that would give the hackers total access to your system, rather than bothering you with a few annoying ads. Even so, it underscores the importance of always being mindful about where you are on the internet, and never agreeing to a download until and unless you are certain that the source is trusted.
Right now, this appears to be the playground of amateurs who are still honing their skills. This could change at any time, however, so be aware and stay alert.
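For defenders, the “.om” for “.com” slip described above can be spotted in DNS or proxy logs. The sketch below is an added example, not code from Endgame or the original article; it generalizes from “.om” to any one-character deletion of the TLD (which also yields “.cm” and “.co”), and the watchlist, log format and sample lines are assumptions constructed for illustration.

```python
# Assumed watchlist: legitimate domains the organisation wants protected.
WATCHLIST = {"netflix.com", "citibank.com", "dell.com"}

# Constructed sample log, format: "<timestamp> <client_ip> <queried_host>".
SAMPLE_LOG = [
    "2024-01-01T09:12:01Z 192.0.2.21 www.netflix.com",
    "2024-01-01T09:12:07Z 192.0.2.21 netflix.om",
    "2024-01-01T09:13:40Z 192.0.2.35 WWW.Citibank.OM.",
    "2024-01-01T09:14:02Z 192.0.2.35 example.om",
    "malformed line",
]

def tld_drop_variants(domain):
    """Map each one-character-deleted-TLD variant to the real domain."""
    name, _, tld = domain.lower().rpartition(".")
    shortened = (tld[:i] + tld[i + 1:] for i in range(len(tld)))
    return {f"{name}.{s}": domain.lower() for s in shortened if s}

def build_index(watchlist):
    """Lookalike -> legitimate domain, never including a legitimate domain."""
    index = {}
    for domain in watchlist:
        index.update(tld_drop_variants(domain))
    legit = {d.lower() for d in watchlist}
    return {k: v for k, v in index.items() if k not in legit}

def find_typo_hits(log_lines, watchlist=WATCHLIST):
    """Return (timestamp, client, host, intended_domain) for each lookalike hit."""
    index = build_index(watchlist)
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) != 3:          # skip lines that do not fit the format
            continue
        ts, client, host = parts
        host = host.lower().rstrip(".")   # normalise case and trailing root dot
        # Compare the last two labels so "www.netflix.om" matches as well.
        # Limitation: multi-label suffixes such as "co.uk" are not handled.
        registrable = ".".join(host.split(".")[-2:])
        if registrable in index:
            hits.append((ts, client, host, index[registrable]))
    return hits

if __name__ == "__main__":
    for hit in find_typo_hits(SAMPLE_LOG):
        print("lookalike lookup:", *hit)
```

The same index can feed a resolver blocklist or a proxy alert rule, so a mistyped address is stopped before the redirect chain begins.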