Which term describes the phenomenon when users are misled to a fraudulent version of a website?

The correct term for the phenomenon when users are misled to a fraudulent version of a website is phishing. Phishing typically involves attackers creating a fake version of a legitimate website, often via email or other means of communication, to trick users into entering their personal information, such as usernames, passwords, and credit card numbers.

While typo squatting refers to registering domain names that are common misspellings of popular websites, its primary purpose is to capture traffic from users who type a URL incorrectly. This can lead to users landing on fraudulent or malicious sites, which can be a vector for phishing scams, but it is not specifically about deceiving users into entering personal information.

Domain squat involves registering domain names with the hope of selling them later at a higher price and does not inherently imply that users are being misled to a fraudulent version of a site.

Session hijacking involves taking over a user's session, often through stealing session tokens, and is more about intercepting communication rather than misleading users to a fraudulent site.

Therefore, phishing describes the targeted deception of users effectively, making it the appropriate term for such a scenario.