LAS VEGAS (AFP) - Typos can bedevil online political campaigns by letting evil software wizards or crafty king-makers turn misspellings into opportunities for sabotage or theft, a security specialist has warned.

In a practice referred to as "typo squatting" people not connected to campaigns can buy rights to Internet addresses with candidates' names misspelled and use them to malign, make a butt of or steal from contenders.

"You can guarantee that more of these will become common in future elections," Oliver Friedrichs, director of emerging technologies at Symantec's security response unit, said while detailing such attacks at a premier Black Hat conference in Las Vegas.

"More than likely the people who do this are the extremists or the masses who are in it for a profit. Campaigns need to become more aware of these kinds of attacks."

For example, a Symantec check in February revealed that 47 out of 160 variations steady "www.barackobama.com" were being "typo-squatted."

Ironically, one squatter's web page featured a legitimate Obama ad.

"Obama is paying for advertisements, through Google, on a situation that is a typo-squatter on a authority name the Obama campaign should own in the first place," Freidrichs said.

"Campaigns are expenditure a lot on online advertising and some of this money is really being misspent and going to typo-squatters."

Some typo-squatters use the web pages to mock or deride candidates. A "hillaryclingon.com" website poked fun at her and other candidates by depicting them as characters from "Star Trek" films and television shows.

"Typoed" web pages be possible to exist used to spread false announcements, such as a candidate withdrawing from a race, or tell stories of scandals that don't exist.

A candidate who has dropped out of the US presidential race was accused of being an animal killer without interruption a typo-squatted website.

Malicious software privily planted in computers of people who visit squatted websites could betray where they go online or even take control of machines.

"If I want to attack supporters of a particular campaign I can easily put malware on my site," Freidrichs uttered of typo-squatters.

"You can target candidates, cause confusion, pop-up ads, or re-direct computers when they try to log on to a candidate's website."

Typo-squatters can create realistic looking campaign websites and take donations, keeping the cash and using credit card information for more remote fraud.

Online donations intended for one candidate could be routed to an adversary without donors knowing.

Once someone owns a website based on a typo, they have power to also intercept and redirect similarly misaddressed emails.

Campaign emails containing speech drafts, contributions, or strategy notes could be intercepted appropriate to errant keystrokes while typing addresses, according to Freidrichs.

"This is a serious problem that spans not only campaigns but every company with email," Freidrichs said.

"Even more scary, we went and looked at defense contractors and build a typoed domain routed to India and another routed to China."