ADVERTISEMENT

Digital squatters are weaponizing your muscle memory to steal passwords

You don’t have to fall for an obvious phishing email to get burned anymore. A growing wave of “digital squatting” relies on routine tiny-domain lookalikes you barely notice, until you’ve already typed – or auto-filled – your login details into the wrong site.

A magnifying glass revealing a URL that's spelled "Microsfot" instead of "Microsoft"

Image by Cybernews

Marcus Walsh
Marcus Walsh Journalist
Feb 11, 2026 Updated: 12 February 2026 3 min read
An office worker snowed under in his cubicle.
James Leynse via Getty Images
jurgita justinasv Izabelė Pukėnaitė vilius Ernestas Naprys Gintaras Radauskas
Don't miss our latest stories on Google News. Add us as your Preferred Source on Google
Add us as your Preferred Source on Google.

Who is most at risk?

ADVERTISEMENT
A senior citizen gets to grips with a pension processing machine.
Picture Alliance via Getty Images

What kinds of digital squatting are there?

A screenshot with the four different types of digital squatting.
Screenshot from Decodo
What is most underestimated is that brands really don't realize how much trust damage can happen really quickly and quietly because users do not always report these incidents. They just stop trusting anything connected to the brand.

ADVERTISEMENT