Typosquatting

An incorrectly entered URL could lead to a website operated by a cybersquatter.

Typosquatting, also called URL hijacking, a sting site, or a fake URL, is a form of cybersquatting, and possibly brandjacking which relies on mistakes such as typographical errors made by Internet users when inputting a website address into a web browser. Should a user accidentally enter an incorrect website address, they may be led to any URL (including an alternative website owned by a cybersquatter).^[1]

The typosquatter's URL will usually be one of four kinds, all similar to the victim site address (e.g. example.com):

A common misspelling, or foreign language spelling, of the intended site: exemple.com
A misspelling based on typos: examlpe.com
A differently phrased domain name: examples.com
A different top-level domain: example.org
An abuse of the Country Code Top-Level Domain (ccTLD): example.cm by using .cm, or example.co by using .co. A person leaving out either the letter o or the letter m in .com in error could arrive at the fake URL's website.

Once in the typosquatter's site, the user may also be tricked into thinking that they are in fact in the real site; through the use of copied or similar logos, website layouts or content.

Motivation

There are several different reasons for typosquatters buying a typo domain:

In order to try to sell the typo domain back to the brand owner
To "park" the typo domain and make pay-per-click revenues from direct navigation misspellings of the intended domain
To redirect the typo-traffic to a competitor
To redirect the typo-traffic back to the brand itself, but through an affiliate link, thus earning commissions from the brand owner's affiliate program. This "typo domain affiliate" is one of the most financially damaging schemes^{[citation needed]} as it siphons profits from the legitimate brand for traffic/customers that the brand would have gotten anyway had the typo domain not existed.
As a phishing scheme to mimic the brand's site, while intercepting passwords which the visitor enters unsuspectingly^[2]
To install drive-by malware or revenue generating adware onto the visitors' devices
To harvest misaddressed e-mail messages mistakenly sent to the typo domain
To block malevolent use of the typo domain by others
To expose users to Internet pornography
To express an opinion that is different from the intended website's opinion

Examples

Many companies, including Verizon, Lufthansa, and Lego, have garnered reputations for aggressively chasing down typosquatted names. Lego, for example, has spent roughly $500,000 USD on taking 309 cases through UDRP proceedings.^[3]

From 2006 to 2008, a typosquatted variant of Google called 'Goggle.com' existed. Visiting the website would cause the domain to automatically download various computer viruses and other malicious software to the computer, including the rogue Antispyware program SpySheriff. The website today is a link to a scam where you can win popular gadgets.

Celebrities have also frequently pursued their domain names, from singers to star athletes. Prominent examples include Basketball player Dirk Nowitzki's UDRP of DirkSwish.com^[4] and actress Eva Longoria's UDRP of EvaLongoria.org.^[5]

An example of corporate typosquatting is yuube.com, targeting YouTube users by having it programmed to redirect to a malicious website or page.^[6] Similarly, www.airfrance.com has been typosquatted by www.arifrance.com, diverting users to a website peddling discount travel.^[7] Other examples are Equifacks.com (Equifax.com), Experianne.com (Experian.com), and TramsOnion.com (TransUnion.com); these three typosquatted sites were registered by comedian John Oliver for his show Last Week Tonight.

People trying to visit the popular internet-based game agar.io may misspell said URL as agor.io. Visiting this site will produce a jumpscare or screamer of the popular Internet creepypasta Jeff the Killer, which flashes rapidly and produces a loud noise.

In United States law

In the United States, the 1999 Anticybersquatting Consumer Protection Act (ACPA) contains a clause (Section 3(a), amending 15 USC 1117 to include sub-section (d)(2)(B)(ii)) aimed at combatting typosquatting.^[8]^[9]

However, on April 17, 2006, controversial evangelist Jerry Falwell failed to get the U.S. Supreme Court to review a decision allowing Christopher Lamparello to use www.fallwell.com. Relying on a plausible misspelling of Falwell's name, Lamparello's gripe site presents misdirected visitors with scriptural references that are intended to counter the fundamentalist preacher's scathing rebukes against homosexuality. In Lamparello v. Falwell, the high court let stand a 2005 Fourth Circuit finding that "the use of a mark in a domain name for a gripe site criticizing the markholder does not constitute cybersquatting."

WIPO resolution procedure

Under the Uniform Domain-Name Dispute-Resolution Policy (UDRP), trademark holders can file a case at the World Intellectual Property Organization (WIPO) against typosquatters (as with cybersquatters in general).^[7] The complainant has to show that the registered domain name is identical or confusingly similar to their trademark, that the registrant has no legitimate interest in the domain name, and that the domain name is being used in bad faith.^[7]

References

↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ Lua error in package.lua at line 80: module 'strict' not found.
↑ ^7.0 ^7.1 ^7.2 Kelly M. Slavitt: Protecting Your Intellectual Property from Domain Name Typosquatters (2004)
↑ "Anti-CyberSquatting Protection Act." US Library of Congress, Thomas.loc.gov, accessed 24 October 2008.
↑ "Without typosquatters, how far would Google fall?" Cade Metz, The Register, Theregister.co.uk, accessed 24 October 2008.

External links

Jim Giles: Typos may earn Google $500m a year New Scientist, 17 February 2010 (reporting research by Ben Edelman and Tyler Moore: Measuring Typosquatting Perpetrators and Funders)
Lua error in package.lua at line 80: module 'strict' not found.
Lua error in package.lua at line 80: module 'strict' not found.
Lua error in package.lua at line 80: module 'strict' not found.

[1] Lua error in package.lua at line 80: module 'strict' not found.

[2] Lua error in package.lua at line 80: module 'strict' not found.

[3] Lua error in package.lua at line 80: module 'strict' not found.

[4] Lua error in package.lua at line 80: module 'strict' not found.

[5] Lua error in package.lua at line 80: module 'strict' not found.

[6] Lua error in package.lua at line 80: module 'strict' not found.

[slavitt-7] 7.0 ^7.1 ^7.2 Kelly M. Slavitt: Protecting Your Intellectual Property from Domain Name Typosquatters (2004)

[8] "Anti-CyberSquatting Protection Act." US Library of Congress, Thomas.loc.gov, accessed 24 October 2008.

[9] "Without typosquatters, how far would Google fall?" Cade Metz, The Register, Theregister.co.uk, accessed 24 October 2008.

[1]

[2]

[3]

[4]

[5]

[6]

[7]

[8]

[9]

v t e Domain name parking
General	Reverse domain hijacking Cybersquatting Domain name drop list Domain name speculation Domain sniping Domain parking Domain tasting Domain name warehousing Doppelganger domain Type-in traffic Typosquatting Domain name front running
Legal	Anticybersquatting Consumer Protection Act (Trademark Cyberpiracy Prevention Act) PROTECT Act of 2003 (incorporates the Truth In Domain Names Act of 2003)
Technical	Domain hack Wildcard DNS record Fast flux

Typosquatting

Contents

Motivation

Examples

In United States law

WIPO resolution procedure

See also

References

External links

Navigation menu

Personal tools

Namespaces

Variants

Views

More

Search

Navigation

Tools