A slip on the keyboard could land web surfers on questionable survey pages instead of the websites they really want to visit: Twitter, Facebook or YouTube.
It's the latest twist on an old internet game: typosquatting. Typosquatters have been around for years, registering internet domains that are similar to popular websites, and then hoping that the traffic that they get from fat-fingered web surfers will pay out. Often these domains do nothing more than display advertising, but in recent weeks some of them have started promoting deceptive web pages that promise gifts such as iPads or gift cards.
Take Twiter.com, for example. Type this into the browser and a Twitter-like page, complete with a similar blue-bird logo, pops up saying, "Dear Visitor, You've been selected to take part in our anonymous survey. Complete this 30 second questionnaire, and to say 'thank you', we'll offer you a few exclusive prizes. This offer is available today only."
At the same time, a woman's voice says "congratulations" and proceeds to make the same offer. A quick check of the URL that you're on shows something that could seem very much like Twitter: twitter.com-survey2010.virtuousads.com. But that's a website that Twiter.com has redirected you to.
What the page doesn't tell you is that you may have to fill out more surveys and then sign up for all kinds of services and subscription offers in order to qualify for the prizes. If you try to figure out how you landed on this page by retyping twiter.com, you're directed to a completely different page.
The point is to drive web surfers to what are known as affiliate marketing sites - sites that pay others to generate web traffic and sales leads.
"To me, it clearly looks like it's designed to look like Twitter," said Rebecca Henderson, a computer investigative specialist with the Washington State Attorney General's Office. "I don't see how anyone could look at this practice and think it's not deceptive."
Twitter doesn't like it either. The site is confusing, said Twitter spokeswoman Carolyn Penner. "We are aware of, and clearly not happy about, the site. We are working towards reducing user confusion."
Henderson says she started spotting the look-alike survey sites only in the past few months. You can view different versions of this theme by mistyping the YouTube (youube.com) or Facebook (acebook.com) addresses. The Facebook and YouTube versions can have the same audible offer as the Twiter.com page but are tailored to look more like the sites they imitate.
Affiliate marketers can make anywhere from a few pennies to more than $1 per visitor for driving traffic to web pages, and so the incentive to be unethical can be overwhelming. Facebook recently sued two men, Steven Richter and Jason Swan, and a Canadian affiliate marketing company called MaxBounty, saying they were linked to spam messages that tried to generate traffic for online marketing programmes.
Facebook says sleazy marketers are responsible for the ubiquitous "Win a free iPad" or "Win a $1,000 gift card" scams that have been circulating on the social network.
These typosquatting surveys don't seem any better.
"These surveys appear to be data mining operations as well as sleazy pay-per-click advertising techniques," said Andrew Brandt, lead threat researcher with antivirus vendor Webroot. "They're not delivering malware, but they are convincing enough that some people are probably providing lots of personally identifiable information about themselves to less than reputable advertisers."
"Add to that the fact that some of these companies sign you up for paid SMS services in the fine print, and it starts to become clearer how you will be negatively affected."