Rudy Giuliani's Twitter typos are a malware trap! Don't click these

Former NYC Mayor Rudy Giuliani warming up the crowd during a Trump presidential campaign rally in Iowa, September 2016.
Former NYC Mayor Rudy Giuliani warming up the crowd during a Trump presidential campaign rally in Iowa, September 2016. (Image credit: mark reinstein/Shutterstock)

Former New York City Mayor Rudy Giuliani is famous for making mistakes on TV, but it's his mistakes on Twitter than might infect your PC with malware.

The former presidential candidate, now serving pro bono as President Donald Trump's personal attorney, sometimes makes typos when he posts web links on his Twitter feed, which has more than 650,000 followers. On this past Saturday, (Feb. 16), he made three. 

Crooks and pranksters have registered those mangled domain names and had fun with them. Two redirect to benign websites, but the third leads to a potentially malicious browser extension, as Malwarebytes' Jerome Segura wrote in a blog post today (Feb. 19).

Saturday just wasn't a good day for Rudy. He began by posting a long tweet calling financier George Soros "enemy number one of the Republican Party" and an "anarchist." Giuliani implored his followers to " Wednesday this week." 

The problem is that Giuliani's personal website is "" There's no "watch" in the URL. But someone registered "" and it now redirects to a drug-treatment website.

Not as charming was the link Giuliani posted a couple of tweets later. In that case, he wrote "Rudy," so only the last part linked to anything. 

Lo and behold, someone registered "" If you click on that link, it now tries to get you to install a very shady-sounding browser extension that admits it will change your default search engine.

"When you see a domain registered with a Giuliani tweet with malware, that's not good for anybody," Segura told CNET.

Finally, Giuliani retweeted a fan's tweet and added another link to his own website, except that he left out the final "i", resulting in the link being "" 

Click on that, and you're redirected to the Wikipedia page about the Trump-Ukraine scandal, in which Giuliani plays a central role.

Segura points out that Giuliani, who was briefly President Trump's cybersecurity advisor, has become so famous for making digital gaffes -- Giuliani has butt-dialed reporters from his cell phone at least twice -- that people are counting on him to make mistakes.

"You're kind of relying on the user to make those typos and they happen once in a blue moon, so that's not ideal for attackers," Segura told CNET. "With him, just looking at the last few days, there were multiple occasions where he created links by mistake."

Paul Wagenseil

Paul Wagenseil is a senior editor at Tom's Guide focused on security and privacy. He has also been a dishwasher, fry cook, long-haul driver, code monkey and video editor. He's been rooting around in the information-security space for more than 15 years at, SecurityNewsDaily, TechNewsDaily and Tom's Guide, has presented talks at the ShmooCon, DerbyCon and BSides Las Vegas hacker conferences, shown up in random TV news spots and even moderated a panel discussion at the CEDIA home-technology conference. You can follow his rants on Twitter at @snd_wagenseil.