diff --git a/assets/checksums.txt b/assets/checksums.txt
index dbaad4887..1fddceffc 100644
--- a/assets/checksums.txt
+++ b/assets/checksums.txt
@@ -1,7 +1,7 @@
 92665e68f30ee8b1594bab070acfa15c assets/ublock/unbreak.txt
 75448208315e80706632ec8a6df0e6d3 assets/ublock/privacy.txt
 09f198379cf23b2db2c14ea9ce032b7c assets/ublock/filters.txt
-535b115044f2f1832c681e6b79c5d611 assets/ublock/badware.txt
+d2c1dc3f8c4528e6d6a9083afc30b938 assets/ublock/badware.txt
 c9c5cc56bec563bc1885847f925b9be2 assets/ublock/mirror-candidates.txt
 84e25004aed0624992957a6fc6914d75 assets/ublock/filter-lists.json
 94c0a3eab74c42783855f07b22a429cf assets/thirdparties/home.fredfiber.no/langsholt/adblock.txt
diff --git a/assets/ublock/badware.txt b/assets/ublock/badware.txt
index 0fa51ba03..1c54ee8d7 100644
--- a/assets/ublock/badware.txt
+++ b/assets/ublock/badware.txt
@@ -18,6 +18,10 @@
 # 2011-08-22: http://www.extremetech.com/computing/93504-download-com-wraps-downloads-in-bloatware-lies-about-motivations
 ||download.cnet.com^$other
 
+# 2015-08-12: https://isc.sans.edu/diary/.COM.COM+Used+For+Malicious+Typo+Squatting/20019
+#     via https://twitter.com/SwiftOnSecurity/status/631972601460494336
+# 2013-12-10: https://blog.whitehatsec.com/why-com-com-should-scare-you/
+||com.com$document
 
 # 2015-06-18: http://www.information-age.com/industry/software/123459675/hotbed-malware-another-blow-sourceforge-google-discovers-588-pages-malicious-software
 # 2015-06-02: https://blog.l0cal.com/2015/06/02/what-happened-to-sourceforge/