This article comes from the September edition of The AARP Bulletin.

Stay safe: Dot that email address. — Photo by Rob Atkins/Getty Images

“First came ‘typosquatting.’

“In this common scam, cyber-criminals buy Internet addresses that differ from big-name ones by just a letter or two, then capitalize on sloppy typing. Someone who wants to go to xyxcorp.com but accidentally types xyzcorp.com ends up at the scammer’s site.

“Now comes another trick to hook the fumble-fingered, courtesy of a keystroke omission rather than a misspelling: a missing dot in an email address.

“The goal is the same: to glean personal information, infect the visitor’s computer with a virus orsell worthless junk as a prized brand-name product.

“This newly uncovered scheme, targeting the all-important dot in corporate communications systems, can route email into the hands of scammers, giving them any and all confidential information that the messages contain.

“The scammers’ key tool is a “doppelganger” domain, an Internet address that is spelled identically to a legitimate site but is missing the crucial dot, typically found between what’s known as a subdomain and domain in the address.

“Doppelganger domains would include “mailyahoo.com” instead of the correct “mail.yahoo.com,” or “seibm.com” instead of the correct “se.ibm.com” that IBM uses for its division in Sweden.” Click here to read the entire article.