PrepAway - Latest Free Exam Questions & Answers

Which of the following would BEST describe this type of…

A recent spike in virus detections has been attributed to end-users visiting www.compnay.com. The business has an established relationship with an organization
using the URL of www.company.com but not with the site that has been causing the infections. Which of the following would BEST describe this type of attack?

A. Typo squatting
B. Session hijacking
C. Cross-site scripting
D. Spear phishing

Explanation:
Typosquatting, also called URL hijacking or a fake URL, is a form of cybersquatting (and possibly brandjacking) that relies on mistakes, such as typographical errors,
made by Internet users when typing a website address into a web browser. Should a user accidentally enter an incorrect website address, they may be led to any
URL (including an alternative website owned by a cybersquatter).
The typosquatter’s URL will usually be one of four kinds, all similar to the victim site address:
(In the following, the intended website is “example.com”)
· A common misspelling, or foreign language spelling, of the intended site: exemple.com
· A misspelling based on typing errors: xample.com or examlpe.com
· A differently phrased domain name: examples.com
· A different top-level domain: example.org
Once on the typosquatter’s site, the user may also be tricked into thinking that they are in fact on the real site through the use of copied or similar logos, website
layouts or content.
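The four kinds of look-alike domain listed above are easy to enumerate ahead of time for a brand you want to protect, which is how a defender turns this explanation into a detection. The script below is an added example and not part of the original page: it generates candidate typosquat domains for a brand domain (dropped and transposed characters, vowel swaps, a plural form, and alternative top-level domains), then flags hosts in a few constructed proxy log lines that match a candidate. The log format (timestamp, client IP, method, URL) and the list of alternative TLDs are assumptions chosen for the example.

```python
"""Enumerate typosquat candidates for a brand domain and flag them in proxy logs.

Added example for the typosquatting explanation above; the log format and the
alternative-TLD list are assumptions, not something the page specifies.
"""
from urllib.parse import urlparse


def typosquat_candidates(domain, extra_tlds=("org", "net", "co", "info")):
    """Return a set of look-alike domains for `domain` (e.g. 'company.com').

    The generators mirror the four kinds of typosquat listed in the explanation:
    misspellings (vowel swaps), typing errors (dropped and transposed
    characters), a differently phrased name (plural form) and a different
    top-level domain. The brand domain itself is never returned.
    """
    name, tld = domain.lower().split(".", 1)
    candidates = set()
    # Typing errors: one character omitted (example -> xample)
    for i in range(len(name)):
        candidates.add(f"{name[:i]}{name[i + 1:]}.{tld}")
    # Typing errors: two adjacent characters transposed (example -> examlpe)
    for i in range(len(name) - 1):
        swapped = name[:i] + name[i + 1] + name[i] + name[i + 2:]
        candidates.add(f"{swapped}.{tld}")
    # Common misspellings: one vowel replaced by another (example -> exemple)
    vowels = "aeiou"
    for i, ch in enumerate(name):
        if ch in vowels:
            for v in vowels:
                if v != ch:
                    candidates.add(f"{name[:i]}{v}{name[i + 1:]}.{tld}")
    # Differently phrased name (example -> examples)
    candidates.add(f"{name}s.{tld}")
    # Different top-level domain (example.com -> example.org)
    for alt in extra_tlds:
        if alt != tld:
            candidates.add(f"{name}.{alt}")
    candidates.discard(domain.lower())
    return candidates


def registrable_name(host):
    """Strip a leading 'www.' so www.compnay.com is compared as compnay.com."""
    host = host.lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def flag_lookalikes(log_lines, brand_domain):
    """Return (host, line) pairs whose host is a typosquat of brand_domain.

    Each log line is assumed to be: timestamp client_ip method url
    """
    suspects = typosquat_candidates(brand_domain)
    hits = []
    for line in log_lines:
        parts = line.split()
        if len(parts) < 4:
            continue  # skip malformed lines rather than crash on them
        host = urlparse(parts[3]).hostname
        if host and registrable_name(host) in suspects:
            hits.append((host, line))
    return hits


# Constructed sample proxy log lines (not real traffic): timestamp, client IP, method, URL
SAMPLE_LOG = [
    "2024-03-01T09:12:03Z 10.0.0.21 GET http://www.company.com/portal",
    "2024-03-01T09:13:44Z 10.0.0.35 GET http://www.compnay.com/portal",
    "2024-03-01T09:15:10Z 10.0.0.35 GET http://cdn.example.net/lib.js",
    "2024-03-01T09:16:27Z 10.0.0.42 GET http://company.org/login",
]

if __name__ == "__main__":
    for host, line in flag_lookalikes(SAMPLE_LOG, "company.com"):
        print(f"look-alike host {host}: {line}")
```

Run against the constructed log, the script reports www.compnay.com (the transposed-character case from the question) and company.org (an alternative TLD) while leaving the legitimate www.company.com request and the unrelated CDN host alone. In practice the candidate set would be joined against DNS or proxy logs on a schedule, and any brand-owned variants (such as a legitimately registered .org) would be added to an allowlist before alerting.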
Incorrect Answers:
B: In computer science, session hijacking, sometimes also known as cookie hijacking, is the exploitation of a valid computer session (sometimes also called a
session key) to gain unauthorized access to information or services in a computer system. In particular, it is used to refer to the theft of a magic cookie used to
authenticate a user to a remote server. It has particular relevance to web developers, as the HTTP cookies used to maintain a session on many web sites can be
easily stolen by an attacker using an intermediary computer or with access to the saved cookies on the victim’s computer. In this question, the users went to
www.compnay.com instead of www.company.com. This is not a case of hijacking a valid session but of users going to the wrong URL, so this answer is incorrect.
C: Cross-site scripting (XSS) is a type of computer security vulnerability typically found in Web applications. XSS enables attackers to inject client-side script into
Web pages viewed by other users.
Cross-site scripting uses known vulnerabilities in web-based applications, their servers, or plug-in systems on which they rely. Exploiting one of these, attackers
fold malicious content into the content being delivered from the compromised site. When the resulting combined content arrives at the client-side web browser, it
has all been delivered from the trusted source, and thus operates under the permissions granted to that system. By finding ways of injecting malicious scripts into
web pages, an attacker can gain elevated access privileges to sensitive page content, session cookies, and a variety of other information maintained by the
browser on behalf of the user. The question is not describing an XSS attack. Therefore, this answer is incorrect.
D: Spear phishing is an e-mail spoofing fraud attempt that targets a specific organization, seeking unauthorized access to confidential data. As with the e-mail
messages used in regular phishing expeditions, spear phishing messages appear to come from a trusted source. Phishing messages usually appear to come from
a large and well-known company or Web site with a broad membership base, such as eBay or PayPal. In the case of spear phishing, however, the apparent source
of the e-mail is likely to be an individual within the recipient’s own company and generally someone in a position of authority. The attack described in the question is
not an example of spear phishing. Therefore, this answer is incorrect.

http://en.wikipedia.org/wiki/Typosquatting
http://en.wikipedia.org/wiki/Session_hijacking
http://searchsecurity.techtarget.com/definition/spear-phishing

