Enable Edge TyposquattingChecker with Intune & GPO

Typosquatting, also known as URL hijacking or domain mimicking, is a form of cybercrime that involves registering domain names that are strikingly similar to well-known websites. Learn how you can configure Microsoft Edge TyposquattingChecker using Microsoft Intune and Group Policy.

Prajwal Desai
Posted by Prajwal Desai
Configure Edge TyposquattingChecker using Intune and GPO

This guide shows you how to configure Edge TyposquattingChecker for users using Microsoft Intune and Group Policy. By default, Edge Website Typo Protection is enabled, but you can enforce a policy to prevent users from turning it off.

Typosquatting, also known as URL hijacking or domain mimicking, is a form of cybercrime that involves registering domain names that are strikingly similar to well-known websites.

The typosquatting cybercrime takes advantage of users who type web addresses incorrectly, directing them to imitation websites rather than their intended destinations. Once they arrive at these imitation websites, users frequently enter sensitive information or download malware without their knowledge.

Typosquatting protection is built into most major browsers, including Microsoft Edge. Although the Edge browser by default has this feature enabled, you may want to restrict users from turning off this security feature.

Both Microsoft Intune and Group Policy can be used to enable or disable the Edge TyposquattingChecker feature for multiple users or devices. This guide covers both of these methods.

Manually enable or disable Website Typo Protection in Microsoft Edge

Microsoft Edge includes a typosquatting checker that can warn you if you appear to have mistyped a common web address and may be directed to a malicious site.

You’ll find that setting in Edge under Settings > Privacy, Search, and Services. Scroll down to the Security section and look for website typo protection.

To enable website typo protection, move the slider to the right. And to disable the website type protection feature, toggle the slider to the left.

Manually enable or disable TyposquattingChecker in Microsoft Edge
Manually enable or disable TyposquattingChecker in Microsoft Edge

Configure Edge TyposquattingChecker using Intune

Use the following steps to configure TyposquattingChecker for the Microsoft Edge browser using Intune:

  • First, sign in to the Microsoft Intune Admin center.
  • Select Devices > Windows > Windows Policies > Configuration Profiles.
  • To add a new policy, select Create > New Policy.

On the Create a profile window, configure the following settings and select Create.

  • Platform: Windows 10 and later
  • Profile Type: Settings Catalog
Configure Edge TyposquattingChecker using Intune
Configure Edge TyposquattingChecker using Intune

In the Basics tab, enter the following details:

  • Name: Enter a descriptive name for the profile that can be easily identified later.
  • Description: Enter a brief description of the profile. This setting is optional but recommended.

Click Next.

Configure Edge TyposquattingChecker using Intune
Configure Edge TyposquattingChecker using Intune

In the Configuration Settings section, under Settings Catalog, click Add Settings. On the Settings picker window, type “TyposquattingChecker” in the search box and click Search. From the search results, select Microsoft Edge\Typosquatting Checker settings.

In the bottom pane, you’ll find two settings by Intune:

  1. Configure Edge TyposquattingChecker: Lets you configure whether to turn on Edge TyposquattingChecker for the system.
  2. Configure Edge TyposquattingChecker (User): Lets you configure whether to turn on Edge TyposquattingChecker for users.

If you want to configure the typosquatting checker feature for users, select the later one. Close the Settings Picker.

Configure Edge TyposquattingChecker via Settings Catalog
Configure Edge Typosquatting Checker via Settings Catalog

In this step, you get the option to enable or disable the typosquatting checker for the Edge browser. Under the Typosquatting checker settings, set the Configure Edge TyposquattingChecker to Enabled and click Next.

Enable Edge TyposquattingChecker
Enable Edge TyposquattingChecker

In Intune, Scope tags determine which objects admins can see. In the Scope tags section, you specify scope tags. Specifying scope tags is optional, and you may skip this step. Click Next.

In the Assignments window, select the device or user groups to which you want to assign this policy. We recommend deploying the profile to a few test groups first and then expanding it to more groups if the testing is successful. Select Next.

Intune Policy Assignments
Intune Policy Assignments

On the Review + Create page, review all the settings that you have configured for Edge website typo protection using Intune and select Create.

After you create a configuration policy in Intune, a notification appears: “Policy created successfully.” This confirms that the policy has been created and is being applied to the groups we chose. The profile that we created appears in Intune’s list of configuration profiles.

Create an Intune Policy to enable website typo protection in Edge
Create an Intune Policy to enable website typo protection in Edge

Sync Policies on Windows Devices

Once you have assigned a policy to your devices, you must wait for the policy to be applied to the targeted groups, and the devices will receive your profile settings once they check in with the Microsoft Intune service. To receive policies from Intune, the devices must be online. You can also force sync Intune policies using different methods, such as PowerShell, on your computers to get the latest policies and settings from Intune.

Monitor Edge Website Typo Protection Intune Policy

To monitor the policy in Intune that you applied to Windows devices and users, select the policy and review the Device and user check-in status.

Under the Device and user check-in status, we see the total number of devices and users that succeeded in receiving the policy. In some cases, the policy may fail to apply to certain devices. To resolve the issues, you will need to troubleshoot the issue by reviewing Intune logs on computers.

The screenshot below shows that the Edge Website Typo Protection policy assigned via Intune has been successfully applied to our groups. Click on View Report to view all the Windows devices that have received the policy settings.

Monitor Edge Website Typo Protection Intune Policy
Monitor Edge Website Typo Protection Intune Policy

Configure Edge Website Typo Protection using Group Policy

Perform the following steps to create a new GPO to configure website typo protection for Edge users:

  • Launch Server Manager from the Start menu.
  • Select Tools > Group Policy Management Console.
  • In the Group Policy Management console, expand the domain, right-click Group Policy Objects or an OU, and select New.
  • Enter the name for the group policy, such as “Configure Edge Website Typo Protection,” and click OK.
Configure Edge Website Typo Protection using Group Policy
Configure Edge Website Typo Protection using Group Policy

In the Group Policy Management Editor, navigate to Computer Configuration > Policies > Administrative Templates > Microsoft Edge > Edge Website Typo Protection Settings. Right-click the Configure Edge Website Typo Protection setting and select Edit.

The GPO policy setting “Configure Edge Website Typo Protection” lets you configure whether to turn on Website Typo Protection for the Edge browser. The Website Typo Protection provides warning messages to help protect your users from potential typosquatting sites. By default, Edge Website Typo Protection is turned on, and you can manage it using a GPO.

  • If you enable this policy, Edge Website Typo Protection is turned on.
  • If you disable this policy, Edge Website Typo Protection will be turned off.
  • If you don’t configure this policy, Edge Website Typo Protection is turned on, but users can choose whether to use Edge Website Typo Protection.

In the below example, we are setting Configure Edge Website Typo Protection to Enabled. This will turn on the website typo protection for the Edge browser and doesn’t allow users to disable it.

Enable Edge Website Typo Protection using Group Policy
Enable Edge Website Typo Protection using Group Policy

Link or Apply the GPO to OU

After you have configured the Website Typo Protection GPO, you need to link this GPO to an OU if you haven’t already. You can also link it to the domain, but doing so will make the GPO applicable to every computer in the domain, so it is not advised. The best approach is to choose a test OU, connect your GPO, and test the policy settings.

Update Group Policies on Windows Computers

It’s time to update the group policy on the client computers and check to see if the TyposquattingChecker feature has been enabled on the Edge browser. You can use multiple ways to perform the group policy update on remote computers. On a test client machine, you can manually perform the group policy update by running the gpupdate /force command.

End-User Experience

After the devices successfully update the group policies, we will now verify if the TyposquattingChecker feature has been enabled on the Edge browser. Sign in to a Windows device and launch the Edge browser. Browse to edge://settings/privacy and scroll down to the Security section.

In the below screenshot, we see that the website typo protection feature is enabled, and the user does not have the option to disable it because it is greyed out. This confirms that a GPO can help you enable or disable the typo protection feature for websites.

TyposquattingChecker in Microsoft Edge
End-User Experience

Read Next

Share This Article
Prajwal Desai
Posted by Prajwal Desai
Follow:
Prajwal Desai is a Microsoft MVP in Intune and SCCM. He writes articles on SCCM, Intune, Windows 365, Windows Server, Windows 11, WordPress and other topics, with the goal of providing people with useful information.
Leave a comment