Typosquatting's traditional attack vector is through the web to distribute malware or harvest credentials.
Other vectors such as email and remote access services such as SSH, RDP, and VPN also can be leveraged.
In a whitepaper by Godai Group on doppelganger domains, they demonstrated that numerous emails can be harvested without anyone noticing.
[1] For example, for email address "ktrout@finance.corpudyne.com", the doppelganger domain would be "financecorpudyne.com"; hence, an email accidentally addressed to "ktrout@financecorpudyne.com" (i.e. with the dot between "finance" and "corpudyne" having accidentally been omitted) would go to the doppelganger domain rather than to the legitimate user.
You can help Wikipedia by expanding it.This malware-related article is a stub.