Typosquat Detective : a tiny game to train your eye

The article describes "Typosquat Detective," a short online game designed to train users to identify look-alike domains used in phishing attacks. The game tests players on spotting tricks like number-for-letter substitutions, Unicode homoglyphs, and Punycode domains over ten quick rounds. It was resurfaced by the author to help developers and users defend against supply-chain attacks that often rely on domain typosquatting.

Typosquat Detective : a tiny game to train your eye Table of Contents In light of recent npm/Node.js supply-chain news, I am resurfacing a small game I built: Typosquat Detective. It’s a quick way to practice spotting look alike domains that phishers love. Play it here → https://typo.himanshuanand.com/ What you will practice in ~2 minutes ⌗ - Numbers-for-letters like 1 ↔ l ,0 ↔ o ,5 ↔ s - Unicode homoglyphs Cyrillic/Greek letters that look Latin - Punycode tricks xn--... style domains How it works⌗ - You will see a domain. Decide Typosquatted or Real - 10 quick rounds, bonus for streaks Try it inline⌗ If your browser/theme blocks iframes, just use the link above Why now?⌗ Supply chain incidents and domain look-alikes often go hand in hand. Training your eye to catch subtle domain tricks is a simple layer of defense for users, developers and maintainers are alike. If you want to add levels/brands or peek at the code, ping me I am happy to extend it. Play & share your score: https://typo.himanshuanand.com/ Read other posts