Some typosquatters could take advantage of typographical errors when typing the URL "Apple.com"


First of all, for those who are not familiar with the term, it is worth clarifying what typosquatting is: a type of threat that can put our data at serious risk. By mistyping a single letter of a URL on the keyboard, we can reach a malicious website without realizing it.

That is why this type of cyberattack is also known as URL hijacking. Those who practice it register addresses derived from the name of a famous website, in this case Apple.com, but with a typographical error such as "Apple.om", in order to "catch" unsuspecting users of Mac or Windows computers.


According to security researchers at EndGame, the top-level domain of the Middle Eastern country Oman (.om) is being exploited by typosquatters. They have already registered more than 300 domain names with the .om suffix that imitate those of US companies and services such as Citibank, Dell, Macys, and Gmail.

Mac OS X users are the focus of this typosquatting malware campaign. According to EndGame, when a Mac user lands on one of these .om pages, a fake Flash update appears as a pop-up and tries to trick the user into installing the adware component called Genieo, which we already discussed in another post.

Genieo is a malware/adware variant that normally infiltrates the user's system by posing as a Flash update. Once on the target computer, Genieo sits in a .DMG image that later exploits a system vulnerability to install itself automatically as an extension in all supported browsers (Chrome, Firefox, or Safari). So from now on, be very careful to type the address correctly and check the security certificate to confirm that you are on a trusted site.
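As an added example (not from the original post or from EndGame's research), the Python sketch below scans DNS query log lines for names that are exactly one dropped character away from a watched domain. It covers the ".com" typed as ".om" case described above and generalizes it to any single missing letter; the watchlist, the log format and the sample lines are constructed assumptions.

```python
# Constructed watchlist: brands named in the article, as their real .com domains.
WATCHLIST = {"apple.com", "citibank.com", "dell.com", "macys.com", "gmail.com"}

# Constructed sample log, assumed format: "<timestamp> <client> <queried name>".
SAMPLE_LOG = """\
2016-03-14T09:01:12Z 10.0.0.21 www.apple.com.
2016-03-14T09:01:40Z 10.0.0.21 apple.om.
2016-03-14T09:02:03Z 10.0.0.35 WWW.Citibank.om
2016-03-14T09:02:09Z 10.0.0.35 gmai.com
2016-03-14T09:03:51Z 10.0.0.40 example.om
malformed line
"""


def build_index(watchlist):
    """Map every one-character-deletion variant to the domain it imitates."""
    index = {}
    for legit in watchlist:
        for i in range(len(legit)):
            variant = legit[:i] + legit[i + 1:]  # drop exactly one character
            # Skip variants that lost the dot or that are themselves watched.
            if "." in variant and variant not in watchlist:
                index[variant] = legit
    return index


def normalise(name):
    """Lower-case, drop the trailing root dot and a leading 'www.' label."""
    name = name.strip().lower().rstrip(".")
    return name[4:] if name.startswith("www.") else name


def find_typo_queries(log_text, watchlist=WATCHLIST):
    """Return (client, queried name, imitated domain) for each suspicious query."""
    index = build_index(watchlist)
    hits = []
    for line in log_text.splitlines():
        fields = line.split()
        if len(fields) != 3:
            continue  # ignore lines that do not match the assumed format
        legit = index.get(normalise(fields[2]))
        if legit:
            hits.append((fields[1], fields[2], legit))
    return hits


if __name__ == "__main__":
    for client, qname, legit in find_typo_queries(SAMPLE_LOG):
        print(f"{client} queried {qname!r}: one keystroke short of {legit}")
```

The same index can be checked against proxy logs or mail gateway URLs; a hit is a reason to inspect the destination, not proof that it is malicious.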

