Cypherpunk and Bitcoin developer Jameson Lopp has taken Twitter to warn his followers about the practice of typosquatting (when bad actors make barely noticeable changes in the domains of popular websites). In such a way, they want to lure in unsuspecting victims.
🚨SECURITY NOTICE🚨— Jameson Lopp (@lopp) October 4, 2019
Users of @Trezor's web wallet should NOT visit it by typing "https://t.co/ZTH56WFMys" into your browser - if you mis-type the URL you may be redirected to an imposter site that will try to steal your BTC! Bookmarks are your friend!https://t.co/3WLq4bo0NB
His “security notice” came on the heels of a post on r/Bitcoin whose author allegedly lost his Bitcoin funds, asking whether his hardware wallet was hacked. One Redditor explained that he was most likely redirected to a fake Trezor website due to a typo.
Lopp encourages Trezor owners to bookmark trezor.io instead of manually typing the site’s name when there is a need to access your funds.
However, the OP claims that he visited a genuine website. Hence, it appears that typosquatting wasn’t the problem, but it’s unclear whether his story is legitimate.
What’s your take on this story? Feel free to leave a comment!